diff --git a/CHANGELOG.md b/CHANGELOG.md index 2072775..0c48b8f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,11 @@ # Changelog ## Unreleased +- BigBlueButton v2.4 @alangecker [#159](https://github.com/bigbluebutton/docker/pull/159) +- **Breaking change:** change nginx port from `8080` to `48087`. see [upgrade note](docs/upgrading.md) @alangeker [#133](https://github.com/bigbluebutton/docker/issues/133) +- Enable optimization for Prometheus Exporter when recording is enabled @omidmaldar [#161](https://github.com/bigbluebutton/docker/pull/161) +- Automatically remove old recordings after N days @omidmaldar [#162](https://github.com/bigbluebutton/docker/pull/162) + ## Release v2.3.14-1 (2021-10-06) - Applied changes v2.3.5-v2.3.14 @alangecker diff --git a/README.md b/README.md index 7d5da15..c6ad205 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,9 @@ bbb-docker-banner -# 📦 BigBlueButton 2.3 Docker +# 📦 BigBlueButton 2.4 Docker -Version: 2.3.14 | [Changelog](CHANGELOG.md) | [Issues](https://github.com/bigbluebutton/docker/issues) +Version: 2.4.0 | [Changelog](CHANGELOG.md) | [Issues](https://github.com/bigbluebutton/docker/issues) ## Features - Easy installation diff --git a/docker-compose.tmpl.yml b/docker-compose.tmpl.yml index b585b73..b33e7b4 100644 --- a/docker-compose.tmpl.yml +++ b/docker-compose.tmpl.yml @@ -43,6 +43,7 @@ services: restart: unless-stopped depends_on: - redis + - etherpad healthcheck: test: wget --no-proxy --no-verbose --tries=1 --spider http://10.7.7.2:8090/bigbluebutton/api || exit 1 start_period: 2m @@ -56,6 +57,7 @@ services: STUN_SERVER: stun:${STUN_IP}:${STUN_PORT} TURN_SERVER: ${TURN_SERVER:-} TURN_SECRET: ${TURN_SECRET:-} + ENABLE_LEARNING_DASHBOARD: ${ENABLE_LEARNING_DASHBOARD:-true} NUMBER_OF_BACKEND_NODEJS_PROCESSES: {{ .Env.NUMBER_OF_BACKEND_NODEJS_PROCESSES }} volumes: - bigbluebutton:/var/bigbluebutton @@ -242,6 +244,8 @@ services: jodconverter: build: mod/jodconverter restart: unless-stopped + tmpfs: + - /tmp deploy: resources: limits: @@ -362,7 +366,7 @@ services: DB_USERNAME: postgres DB_PASSWORD: ${POSTGRESQL_SECRET:-password} {{ if isTrue .Env.DEV_MODE }} - BIGBLUEBUTTON_ENDPOINT: http://10.7.7.1:8080/bigbluebutton/api/ + BIGBLUEBUTTON_ENDPOINT: http://10.7.7.1:48087/bigbluebutton/api/ {{else}} BIGBLUEBUTTON_ENDPOINT: https://${DOMAIN}/bigbluebutton/api/ {{end}} @@ -392,7 +396,7 @@ services: image: greenstatic/bigbluebutton-exporter:v0.7.0-preview2 restart: unless-stopped environment: - API_BASE_URL: http://10.7.7.1:8080/bigbluebutton/api/ + API_BASE_URL: http://10.7.7.1:48087/bigbluebutton/api/ API_SECRET: ${SHARED_SECRET} RECORDINGS_METRICS_READ_FROM_DISK: "${ENABLE_PROMETHEUS_EXPORTER_OPTIMIZATION:-false}" networks: diff --git a/docs/existing-web-server.md b/docs/existing-web-server.md index 867e32f..adf2ff8 100644 --- a/docs/existing-web-server.md +++ b/docs/existing-web-server.md @@ -8,7 +8,7 @@ You could dedicate a virtual host to BigBlueButton, allowing external access to ## Installation 1. Install BigBlueButton Docker [as explained above](#install). While running the setup script, please choose `n` when you're asked the following question: `Should an automatic HTTPS Proxy be included? (y/n)`. -2. Now all the required Docker containers should be running. BigBlueButton listens to port 8080. Create a virtual host by which BigBlueButton will be publicly accessible (in this case, let's assume the following server name for the virtual host: `bbb.example.com`). Enable SSL for the new _https_ virtual host. Make sure that the SSL certificate you will be using is signed by a CA (Certificate Authority). You could generate an SSL certificate for free using Let's Encrypt. It is suggested to add some directives to the _http_ virtual host `bbb.example.com` to redirect all requests to the _https_ one. +2. Now all the required Docker containers should be running. BigBlueButton listens to port 48087. Create a virtual host by which BigBlueButton will be publicly accessible (in this case, let's assume the following server name for the virtual host: `bbb.example.com`). Enable SSL for the new _https_ virtual host. Make sure that the SSL certificate you will be using is signed by a CA (Certificate Authority). You could generate an SSL certificate for free using Let's Encrypt. It is suggested to add some directives to the _http_ virtual host `bbb.example.com` to redirect all requests to the _https_ one. At this point, choose one of the following sections according to which Web server you're running ([Apache](#integration-with-apache)). @@ -39,7 +39,7 @@ server { location / { proxy_http_version 1.1; - proxy_pass http://$endpoint_addr:8080; + proxy_pass http://$endpoint_addr:48087; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; @@ -68,12 +68,12 @@ ProxyPreserveHost On RewriteEngine On RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR] RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC] -RewriteRule .* ws://127.0.0.1:8080%{REQUEST_URI} [P,QSA,L] +RewriteRule .* ws://127.0.0.1:48087%{REQUEST_URI} [P,QSA,L] Require all granted - ProxyPass http://127.0.0.1:8080/ - ProxyPassReverse http://127.0.0.1:8080/ + ProxyPass http://127.0.0.1:48087/ + ProxyPassReverse http://127.0.0.1:48087/ ``` 3. Restart Apache: diff --git a/docs/upgrading.md b/docs/upgrading.md index 82e1023..80261ad 100644 --- a/docs/upgrading.md +++ b/docs/upgrading.md @@ -1,6 +1,11 @@ # How To Upgrade bbb-docker -### within `2.3.x +### Upgrading `v2.3.x` -> `v2.4.x` +*Breaking change:* The nginx port changes from `8080` to the less common port `48087`, to avoid port conflicts (see [#133](https://github.com/bigbluebutton/docker/issues/133)). If you use an reverse proxy not included in this repo, ensure to update your config accordingly! + +apart from that follow the guide below. + +### within `v2.4.x` or `v2.3.x` #### Backup if you use greenlight, create a database backup first ```bash @@ -15,44 +20,3 @@ docker exec -t docker_postgres_1 pg_dumpall -c -U postgres > /root/greenlight_`d # restart updated services docker-compose up -d ``` - - -### from `2.2.x` to `2.3.x` - -```bash -cd bbb-docker - -# if you use greenlight: create a database backup -./scripts/compose exec postgres pg_dumpall -c -U postgres > /root/bbb-docker-2.2-backup.sql - -# stop bbb-docker -./scripts/compose down - -# go back and rename folder -cd .. -mv bbb-docker bbb-docker-2.2-archived - -# get bbb-docker 2.3 -git clone --recurse-submodules https://github.com/bigbluebutton/docker.git bbb-docker -cd bbb-docker - -# do setup -./scripts/setup - -# optionally do additional changes -nano .env - -# regenerate the docker-compose file -./scripts/generate-compose - -# if you use greenlight, import database backup -docker-compose up -d postgres -cat /root/bbb-docker-2.2-backup.sql | docker-compose exec -T postgres psql -U postgres - -# start new BBB 2.3 -docker-compose up -d - - -``` -- `$ cd bbb-docker` -- (if you use greenlight) create a database backup first diff --git a/mod/apps-akka/Dockerfile b/mod/apps-akka/Dockerfile index 8835ef7..0758a26 100644 --- a/mod/apps-akka/Dockerfile +++ b/mod/apps-akka/Dockerfile @@ -1,9 +1,9 @@ -FROM mozilla/sbt:8u181_1.2.7 AS builder +FROM mozilla/sbt:8u212_1.2.8 AS builder RUN apt-get update && apt-get install -y subversion # download bbb-common-message -ENV TAG_COMMON_MESSAGE v2.3.14 +ENV TAG_COMMON_MESSAGE v2.4.0 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG_COMMON_MESSAGE/bbb-common-message /bbb-common-message \ && rm -rf /bbb-common-message/.svn @@ -14,7 +14,7 @@ RUN cd /bbb-common-message \ # =================================================== -ENV TAG v2.3.14 +ENV TAG v2.4.0 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG/akka-bbb-apps /source \ && rm -rf /source/.svn @@ -25,13 +25,13 @@ RUN cd /source \ # =================================================== -FROM openjdk:8-jre-slim-buster +FROM openjdk:8-jre-slim-bullseye RUN apt update && apt-get install -y wget gosu # install dockerize ENV DOCKERIZE_VERSION v0.6.1 -RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ +RUN wget -q https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ && tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ && rm dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz diff --git a/mod/bbb-web/Dockerfile b/mod/bbb-web/Dockerfile index ea71da5..2dcf037 100644 --- a/mod/bbb-web/Dockerfile +++ b/mod/bbb-web/Dockerfile @@ -1,9 +1,9 @@ -FROM mozilla/sbt:8u181_1.2.7 AS builder +FROM mozilla/sbt:8u212_1.2.8 AS builder RUN apt-get update && apt-get install -y subversion # download bbb-common-message -ENV TAG_COMMON_MESSAGE v2.3.14 +ENV TAG_COMMON_MESSAGE v2.4.0 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG_COMMON_MESSAGE/bbb-common-message /bbb-common-message \ && rm -rf /bbb-common-message/.svn @@ -26,7 +26,7 @@ RUN cd /opt \ ENV PATH="/opt/gradle-6.7/bin:${PATH}" # download bbb-common-web -ENV TAG_COMMON_WEB v2.3.14 +ENV TAG_COMMON_WEB v2.4.0 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG_COMMON_WEB/bbb-common-web /bbb-common-web \ && rm -rf /bbb-common-message/.svn @@ -35,7 +35,7 @@ RUN cd /bbb-common-web \ && ./deploy.sh # download bbb-web -ENV TAG_WEB v2.3.14 +ENV TAG_WEB v2.4.0 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG_WEB/bigbluebutton-web /bbb-web \ && rm -rf /bbb-web/.svn @@ -50,7 +50,7 @@ RUN unzip -q /bbb-web/build/libs/bigbluebutton-0.10.0.war -d /dist # =================================================== -FROM openjdk:8-jre-slim-buster +FROM openjdk:8-jre-slim-bullseye RUN apt-get update && apt-get install -y \ wget unzip gosu locales \ @@ -68,7 +68,7 @@ RUN groupadd -g 998 bigbluebutton && useradd -m -u 998 -g bigbluebutton bigblueb # add dockerize ENV DOCKERIZE_VERSION v0.6.1 -RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ +RUN wget -q https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ && tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ && rm dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz @@ -77,10 +77,10 @@ RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSI RUN mkdir -p /usr/share/bigbluebutton/blank \ && cd /usr/share/bigbluebutton/blank \ && wget \ - https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.3.4/bigbluebutton-config/slides/blank-svg.svg \ - https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.3.4/bigbluebutton-config/slides/blank-thumb.png \ - https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.3.4/bigbluebutton-config/slides/blank-presentation.pdf \ - https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.3.4/bigbluebutton-config/slides/blank-png.png \ + https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.4.0/bigbluebutton-config/slides/blank-svg.svg \ + https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.4.0/bigbluebutton-config/slides/blank-thumb.png \ + https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.4.0/bigbluebutton-config/slides/blank-presentation.pdf \ + https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.4.0/bigbluebutton-config/slides/blank-png.png \ && sed -i 's///g' /etc/ImageMagick-6/policy.xml # get bbb-web diff --git a/mod/bbb-web/bbb-web.properties b/mod/bbb-web/bbb-web.properties index 1c7d96c..0f500d2 100644 --- a/mod/bbb-web/bbb-web.properties +++ b/mod/bbb-web/bbb-web.properties @@ -18,3 +18,5 @@ beans.presentationService.defaultUploadedPresentation=https://test.bigbluebutton {{else}} beans.presentationService.defaultUploadedPresentation=${bigbluebutton.web.serverURL}/default.pdf {{end}} + +learningDashboardEnabled={{ .Env.ENABLE_LEARNING_DASHBOARD }} \ No newline at end of file diff --git a/mod/bbb-web/entrypoint.sh b/mod/bbb-web/entrypoint.sh index 4762952..cf65053 100755 --- a/mod/bbb-web/entrypoint.sh +++ b/mod/bbb-web/entrypoint.sh @@ -13,6 +13,7 @@ mkdir -p /var/bigbluebutton/recording/status/ended mkdir -p /var/bigbluebutton/recording/status/published mkdir -p /var/bigbluebutton/captions/inbox mkdir -p /var/bigbluebutton/published +mkdir -p /var/bigbluebutton/published/notes mkdir -p /var/bigbluebutton/deleted mkdir -p /var/bigbluebutton/unpublished chown -R bigbluebutton:bigbluebutton /var/bigbluebutton diff --git a/mod/etherpad/Dockerfile b/mod/etherpad/Dockerfile index cd956e8..0aa80fa 100644 --- a/mod/etherpad/Dockerfile +++ b/mod/etherpad/Dockerfile @@ -1,4 +1,4 @@ -FROM etherpad/etherpad:1.8.13 +FROM etherpad/etherpad:1.8.16 USER root @@ -7,15 +7,13 @@ RUN apt-get update \ USER etherpad -# only used to trigger a fresh run of the npm install -# command without caching -ENV TAG v2.3.0 - +# ep_cursortrace: using mconf's fork due to https://github.com/ether/ep_cursortrace/pull/25 not being accepted upstream RUN npm install \ - git+https://git@github.com/pedrobmarin/ep_pad_ttl.git \ - git+https://git@github.com/pedrobmarin/ep_redis_publisher.git \ - git+https://git@github.com/ether/ep_disable_chat.git \ - git+https://github.com/ether/ep_sticky_attributes.git \ + ep_cursortrace@3.1.11 \ + git+https://github.com/pedrobmarin/ep_pad_ttl.git#360136cd38493dd698435631f2373cbb7089082d \ + git+https://github.com/pedrobmarin/ep_redis_publisher.git#1d903bf900dd53ebc5347f9583b6e240cf754d63 \ + git+https://github.com/ether/ep_disable_chat.git#v0.0.3 \ + git+https://github.com/ether/ep_sticky_attributes.git#v0.1.9 \ # remove npm lockfile, because somehow it prevents etherpad from detecting the manual added plugin ep_bigbluebutton_patches && rm package-lock.json diff --git a/mod/etherpad/bbb-etherpad-plugin b/mod/etherpad/bbb-etherpad-plugin index dccf33f..068ded5 160000 --- a/mod/etherpad/bbb-etherpad-plugin +++ b/mod/etherpad/bbb-etherpad-plugin @@ -1 +1 @@ -Subproject commit dccf33f8e9ced8ee94520535b487f5f76fbe02f2 +Subproject commit 068ded573380087e120713d1ccc3c86713ec8c88 diff --git a/mod/freeswitch/Dockerfile b/mod/freeswitch/Dockerfile index 2cb4d30..7c38e25 100644 --- a/mod/freeswitch/Dockerfile +++ b/mod/freeswitch/Dockerfile @@ -1,14 +1,14 @@ -FROM debian:buster-slim +FROM debian:bullseye-slim # add freeswitch repo RUN apt-get update && \ apt-get install -y --no-install-recommends subversion curl wget ca-certificates gnupg gnupg2 lsb-release unzip && \ -curl -k https://files.freeswitch.org/repo/deb/debian-release/fsstretch-archive-keyring.asc | apt-key add - && \ -echo 'deb http://files.freeswitch.org/repo/deb/debian-release/ buster main' > /etc/apt/sources.list.d/freeswitch.list +wget -O /usr/share/keyrings/freeswitch-archive-keyring.gpg https://files.freeswitch.org/repo/deb/debian-release/freeswitch-archive-keyring.gpg && \ +echo 'deb [signed-by=/usr/share/keyrings/freeswitch-archive-keyring.gpg] http://files.freeswitch.org/repo/deb/debian-release/ bullseye main' > /etc/apt/sources.list.d/freeswitch.list # install dockerize ENV DOCKERIZE_VERSION v0.6.1 -RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ +RUN wget -q https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ && tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ && rm dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz diff --git a/mod/fsesl-akka/Dockerfile b/mod/fsesl-akka/Dockerfile index bace1ea..be10fee 100644 --- a/mod/fsesl-akka/Dockerfile +++ b/mod/fsesl-akka/Dockerfile @@ -1,9 +1,9 @@ -FROM mozilla/sbt:8u181_1.2.7 AS builder +FROM mozilla/sbt:8u212_1.2.8 AS builder RUN apt-get update && apt-get install -y subversion # download bbb-common-message -ENV TAG_COMMON_MESSAGE v2.3.14 +ENV TAG_COMMON_MESSAGE v2.4.0 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG_COMMON_MESSAGE/bbb-common-message /bbb-common-message \ && rm -rf /bbb-common-message/.svn @@ -13,7 +13,7 @@ RUN cd /bbb-common-message \ # =================================================== -ENV TAG_FSESL v2.3.14 +ENV TAG_FSESL v2.4.0 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG_FSESL/bbb-fsesl-client /bbb-fsesl-client \ && rm -rf /bbb-fsesl-client/.svn @@ -21,7 +21,7 @@ RUN cd /bbb-fsesl-client \ && ./deploy.sh -ENV TAG v2.3.14 +ENV TAG v2.4.0 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG/akka-bbb-fsesl /source \ && rm -rf /source/.svn @@ -32,13 +32,13 @@ RUN unzip /source/target/universal/bbb-fsesl-akka-0.0.2.zip -d / # # =================================================== -FROM openjdk:8-jre-slim-buster +FROM openjdk:8-jre-slim-bullseye RUN apt update && apt-get install -y wget gosu # install dockerize ENV DOCKERIZE_VERSION v0.6.1 -RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ +RUN wget -q https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ && tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ && rm dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz diff --git a/mod/html5/Dockerfile b/mod/html5/Dockerfile index cbb78d1..62029ee 100644 --- a/mod/html5/Dockerfile +++ b/mod/html5/Dockerfile @@ -1,4 +1,4 @@ -FROM node:12-buster-slim AS builder +FROM node:14.18.1-bullseye-slim AS builder RUN apt-get update && apt-get install -y wget curl subversion python3 build-essential RUN groupadd -g 2000 meteor && useradd -m -u 2001 -g meteor meteor @@ -6,22 +6,21 @@ RUN groupadd -g 2000 meteor && useradd -m -u 2001 -g meteor meteor # download dockerize ENV DOCKERIZE_VERSION v0.6.1 -RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ +RUN wget -q https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ && tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ && rm dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz USER meteor -ENV METEOR_VERSION 1.10.2 +ENV METEOR_VERSION 2.5 RUN curl -sL https://install.meteor.com?release=$METEOR_VERSION | sed s/--progress-bar/-sL/g | /bin/sh -ENV TAG v2.3.14 +ENV TAG v2.4.0 RUN cd ~ \ && svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG/bigbluebutton-html5 \ && mv ~/bigbluebutton-html5 ~/source \ && cd ~/source \ - && ~/.meteor/meteor npm install --production \ - && npm rebuild node-sass \ - && METEOR_DISABLE_OPTIMISTIC_CACHING=1 ~/.meteor/meteor build --directory ~/app \ + && ~/.meteor/meteor npm ci --production \ + && METEOR_DISABLE_OPTIMISTIC_CACHING=1 ~/.meteor/meteor build --architecture os.linux.x86_64 --directory ~/app \ && rm -rf ~/source RUN cd ~/app/bundle/programs/server \ @@ -29,7 +28,7 @@ RUN cd ~/app/bundle/programs/server \ # ------------------------------ -FROM node:12-alpine +FROM node:14.18.1-alpine RUN addgroup -g 2000 meteor && \ adduser -D -u 2001 -G meteor meteor && \ @@ -37,9 +36,9 @@ RUN addgroup -g 2000 meteor && \ COPY --from=builder /usr/local/bin/dockerize /usr/local/bin/dockerize COPY --from=builder --chown=meteor:meteor /home/meteor/app/bundle /app COPY entrypoint.sh /entrypoint.sh -COPY settings.yml /app/programs/server/assets/app/config/settings.yml.tmpl +COPY bbb-html5.yml /app/bbb-html5.yml.tmpl ENTRYPOINT ["/entrypoint.sh"] # lets set the tag again, so that it is include in the image for later version retrieval -ENV TAG v2.3.14 +ENV TAG v2.4.0 diff --git a/mod/html5/bbb-html5.yml b/mod/html5/bbb-html5.yml new file mode 100644 index 0000000..5194e43 --- /dev/null +++ b/mod/html5/bbb-html5.yml @@ -0,0 +1,27 @@ +public: + app: + listenOnlyMode: {{ .Env.LISTEN_ONLY_MODE }} + skipCheck: {{ .Env.DISABLE_ECHO_TEST }} + clientTitle: {{ .Env.CLIENT_TITLE }} + appName: BigBlueButton HTML5 Client (docker) + breakouts: + breakoutRoomLimit: {{ .Env.BREAKOUTROOM_LIMIT }} + kurento: + wsUrl: wss://{{ .Env.DOMAIN }}/bbb-webrtc-sfu + autoShareWebcam: {{ .Env.AUTO_SHARE_WEBCAM }} + skipVideoPreview: {{ .Env.DISABLE_VIDEO_PREVIEW }} + chat: + enabled: {{ .Env.CHAT_ENABLED }} + startClosed: {{ .Env.CHAT_START_CLOSED }} + note: + url: https://{{ .Env.DOMAIN }}/pad +private: + app: + host: 0.0.0.0 + etherpad: + apikey: {{ .Env.ETHERPAD_API_KEY }} + host: etherpad + port: 9001 + redis: + host: redis + port: '6379' diff --git a/mod/html5/entrypoint.sh b/mod/html5/entrypoint.sh index 19f91f9..bb4d61a 100755 --- a/mod/html5/entrypoint.sh +++ b/mod/html5/entrypoint.sh @@ -12,6 +12,7 @@ export LANG=en_US.UTF-8 export INSTANCE_MAX=1 export ENVIRONMENT_TYPE=production export NODE_VERSION=node-v12.16.1-linux-x64 +export BBB_HTML5_LOCAL_SETTINGS=/app/bbb-html5.yml if [ "$DEV_MODE" == true ]; then echo "DEV_MODE=true, disable TLS certificate rejecting" @@ -36,8 +37,7 @@ if [ "$BBB_HTML5_ROLE" == "frontend" ] && [ "$INSTANCE_ID" == "1" ]; then fi -rm -f /app/programs/server/assets/app/config/settings.yml dockerize \ - -template /app/programs/server/assets/app/config/settings.yml.tmpl:/app/programs/server/assets/app/config/settings.yml \ + -template /app/bbb-html5.yml.tmpl:/app/bbb-html5.yml \ su-exec meteor \ node --max-old-space-size=2048 --max_semi_space_size=128 main.js $PARAM diff --git a/mod/html5/settings.yml b/mod/html5/settings.yml deleted file mode 100644 index a05e340..0000000 --- a/mod/html5/settings.yml +++ /dev/null @@ -1,714 +0,0 @@ -public: - app: - mobileFontSize: 16px - desktopFontSize: 14px - audioChatNotification: false - # Shows the audio modal when user joins the room. The audio modal prompts - # user to select an option ("Microphone" and/or "Listen only") for joining - # audio - autoJoin: true - # Disables the listen only option in audio modal. - listenOnlyMode: {{ .Env.LISTEN_ONLY_MODE }} - forceListenOnly: false - # Skips the echo test when connecting with microphone. - skipCheck: {{ .Env.DISABLE_ECHO_TEST }} - # Skips the echo test when connecting with microphone right after user - # joins the room the first time. Subsequents joins to microphone won't - # have echo test skipped, for example if user leave and join mic again - # or reloading page and joining mic again. - # This setting won't have effect if skipCheck = true - skipCheckOnJoin: false - # - # Allow users to change microphone/speaker dinamically - # The device is changed immediately, without the need to rejoin - # audio. Default value is true - # Firefox users: if no output devices is shown, you may set the flag - # "media.setsinkid.enabled" to make it work properly - # enableDynamicAudioDeviceSelection: true - # - clientTitle: {{ .Env.CLIENT_TITLE }} - appName: BigBlueButton HTML5 Client - bbbServerVersion: 2.3-docker - copyright: '©2021 BigBlueButton Inc.' - html5ClientBuild: "1845-docker" - helpLink: https://bigbluebutton.org/html5/ - lockOnJoin: true - cdn: '' - basename: '/html5client' - # Use https URL of CSS file. Example: https://docs.bigbluebutton.org/admin/customize.html#examples - customStyleUrl: null - askForFeedbackOnLogout: false - # the default logoutUrl matches window.location.origin i.e. bigbluebutton.org for demo.bigbluebutton.org - # in some cases we want only custom logoutUrl to be used when provided on meeting create. Default value: true - allowDefaultLogoutUrl: true - allowUserLookup: false - dynamicGuestPolicy: true - enableGuestLobbyMessage: true - enableNetworkInformation: false - enableLimitOfViewersInWebcam: false - enableMultipleCameras: true - enableTalkingIndicator: true - mirrorOwnWebcam: false - viewersInWebcam: 8 - ipv4FallbackDomain: '' - allowLogout: true - allowFullscreen: true - preloadNextSlides: 2 - warnAboutUnsavedContentOnMeetingEnd: false - mutedAlert: - enabled: true - interval: 200 - threshold: -50 - duration: 4000 - remainingTimeThreshold: 30 - remainingTimeAlertThreshold: 1 - enableDebugWindow: true - # Warning: increasing the limit of breakout rooms per meeting - # can generate excessive overhead to the server. We recommend - # this value to be kept under 16. - breakouts: - breakoutRoomLimit: {{ .Env.BREAKOUTROOM_LIMIT }} - sendInvitationToIncludedModerators: false - # https://github.com/bigbluebutton/bigbluebutton/pull/10826 - customHeartbeat: false - showAllAvailableLocales: true - # Show "Audio Filters for Microphone" option in settings menu. - # When set to true, users are able to enable/disable microphone constraints, - # otherwise default values for 'microphoneConstraints' option - # are used. - # For more info, see 'microphoneConstraints' option in this config. - # If not set, default value is true. - showAudioFilters: true - raiseHandActionButton: - enabled: true - # If enabled, before joining microphone the client will perform a trickle - # ICE against Kurento and use the information about successfull - # candidate-pairs to filter out local candidates in SIP.js's SDP. - # Try enabling this setting in scenarios where the listenonly mode works, - # but microphone doesn't (for example, when using VPN). - # For compatibility check "Browser compatbility" section in: - # https://developer.mozilla.org/en-US/docs/Web/API/RTCDtlsTransport/iceTransport - # This is an EXPERIMENTAL setting and the default value is false - # experimentalUseKmsTrickleIceForMicrophone: false - # - # Shows stats about download and upload rates, audio jitter, lost packets - # and turn information - enableNetworkStats: false - # Enable the button to allow users to copy network stats to clipboard - enableCopyNetworkStatsButton: false - defaultSettings: - application: - animations: true - chatAudioAlerts: false - chatPushAlerts: false - userJoinAudioAlerts: false - userJoinPushAlerts: false - raiseHandAudioAlerts: true - raiseHandPushAlerts: true - guestWaitingAudioAlerts: true - guestWaitingPushAlerts: true - paginationEnabled: true - # fallbackLocale: if the locale the client is loaded in does not have a - # translation a string, it will use the translation from the locale - # specified in fallbackLocale. Note that fallbackLocale should be a - # 100% translated locale for best user experience - fallbackLocale: en - # overrideLocale (default is null): if set (for example to 'de') will - # force all clients to display the German translations of the strings. - # Users can individually set their preferred locale through Settings, - # but on first page load overrideLocale will trump the browser's - # preferred locale - overrideLocale: null - #Audio constraints for microphone. Use this to control browser's - #filters, such as AGC (Auto Gain Control) , Echo Cancellation, - #Noise Supression, etc. - #For more deails, see: - # https://developer.mozilla.org/en-US/docs/Web/API/MediaTrackConstraints - #Currently, google chrome sets {ideal: true} for autoGainControl, - #echoCancellation and noiseSuppression, if not set. - #The accepted value for each constraint is an object of type - #https://developer.mozilla.org/en-US/docs/Web/API/ConstrainBoolean - #These values are used as initial constraints for every new participant, - #and can be changed by user in: Settings > Application > Microphone - #Audio Filters. - # microphoneConstraints: - # autoGainControl: - # ideal: true - # echoCancellation: - # ideal: true - # noiseSuppression: - # ideal: true - audio: - inputDeviceId: undefined - outputDeviceId: undefined - dataSaving: - viewParticipantsWebcams: true - viewScreenshare: true - shortcuts: - openOptions: - accesskey: O - descId: openOptions - toggleUserList: - accesskey: U - descId: toggleUserList - toggleMute: - accesskey: M - descId: toggleMute - joinAudio: - accesskey: J - descId: joinAudio - leaveAudio: - accesskey: L - descId: leaveAudio - togglePublicChat: - accesskey: P - descId: togglePublicChat - hidePrivateChat: - accesskey: H - descId: hidePrivateChat - closePrivateChat: - accesskey: G - descId: closePrivateChat - raiseHand: - accesskey: R - descId: raiseHand - openActions: - accesskey: A - descId: openActions - openDebugWindow: - accesskey: K - descId: openDebugWindow - branding: - displayBrandingArea: true - connectionTimeout: 60000 - showHelpButton: true - effectiveConnection: - - critical - - danger - - warning - externalVideoPlayer: - enabled: true - networkMonitoring: - enableNetworkMonitoring: false - packetLostThreshold: 10 - kurento: - wsUrl: wss://{{ .Env.DOMAIN }}/bbb-webrtc-sfu - # Valid for video-provider. Time (ms) before its WS connection times out - # and tries to reconnect. - wsConnectionTimeout: 4000 - # Time in milis to wait for the browser to return a gUM call (used in video-preview) - gUMTimeout: 20000 - cameraTimeouts: - # Base camera timeout: used as the camera *sharing* timeout and - # as the minimum camera subscribe reconnection timeout - baseTimeout: 30000 - # Max timeout: used as the max camera subscribe reconnection timeout. Each - # subscribe reattempt increases the reconnection timer up to this - maxTimeout: 60000 - screenshare: - bitrate: 1500 - mediaTimeouts: - maxConnectionAttempts: 2 - # Base screen media timeout (send|recv) - baseTimeout: 30000 - # Max timeout: used as the max camera subscribe reconnection timeout. Each - # subscribe reattempt increases the reconnection timer up to this - maxTimeout: 60000 - timeoutIncreaseFactor: 1.5 - constraints: - video: - frameRate: - ideal: 5 - max: 10 - width: - max: 2560 - height: - max: 1600 - audio: true - # cameraProfiles is an array of: - # - id: profile identifier - # name: human-readable profile name - # bitrate - # hidden: whether this profile will be hidden in the video preview dropdown - # constraints: a video media constraints dictionary (without the video key) - cameraProfiles: - # id: unique identifier of the profile - # name: name of the profile visible to users - # default: if this is the default profile which is pre-selected - # bitrate: the average bitrate for used for a webcam stream - # constraints: - # # Optional constraints put on the requested video a browser MAY honor - # # For a detailed list on possible values see: - # # https://developer.mozilla.org/en-US/docs/Web/API/MediaTrackConstraints - # # Examples: - # width: requested width of the camera stream - # frameRate: requested framerate - - id: low-u30 - name: low-u30 - bitrate: 30 - hidden: true - constraints: - frameRate: 3 - - id: low-u25 - name: low-u25 - bitrate: 40 - hidden: true - constraints: - frameRate: 3 - - id: low-u20 - name: low-u20 - bitrate: 50 - hidden: true - constraints: - frameRate: 5 - - id: low-u15 - name: low-u15 - bitrate: 70 - hidden: true - constraints: - frameRate: 8 - - id: low-u12 - name: low-u12 - bitrate: 90 - hidden: true - constraints: - frameRate: 10 - - id: low-u8 - name: low-u8 - bitrate: 100 - hidden: true - constraints: - frameRate: 10 - - id: low - name: Low - default: false - bitrate: 100 - - id: medium - name: Medium - default: true - bitrate: 200 - - id: high - name: High - default: false - bitrate: 500 - constraints: - width: 1280 - frameRate: 15 - - id: hd - name: High definition - default: false - bitrate: 800 - constraints: - width: 1280 - frameRate: 30 - enableScreensharing: true - enableVideo: true - enableVideoMenu: true - enableListenOnly: true - autoShareWebcam: {{ .Env.AUTO_SHARE_WEBCAM }} - skipVideoPreview: {{ .Env.DISABLE_VIDEO_PREVIEW }} - skipVideoPreviewOnFirstJoin: false - # cameraSortingModes.paginationSorting: sorting mode to be applied when pagination is active - # cameraSortingModes.defaultSorting: sorting mode when pagination is not active (full mesh) - # Current implemented modes are: - # 'LOCAL_ALPHABETICAL' | 'VOICE_ACTIVITY_LOCAL' | 'LOCAL_VOICE_ACTIVITY' | 'LOCAL_PRESENTER_ALPHABETICAL' - # The algorithm names are self-explanatory. - cameraSortingModes: - defaultSorting: LOCAL_ALPHABETICAL - paginationSorting: VOICE_ACTIVITY_LOCAL - # Entry `thresholds` is an array of: - # - threshold: minimum number of cameras being shared for profile to applied - # profile: a camera profile id from the cameraProfiles configuration array - # that will be applied to all cameras when threshold is hit - cameraQualityThresholds: - enabled: true - thresholds: - - threshold: 8 - profile: low-u8 - - threshold: 12 - profile: low-u12 - - threshold: 15 - profile: low-u15 - - threshold: 20 - profile: low-u20 - - threshold: 25 - profile: low-u25 - - threshold: 30 - profile: low-u30 - pagination: - # WARNING: the pagination.enabled setting has moved to - # public.app.defaultSettings.application.paginationEnabled - # paginationToggleEnabled: show a pagination toggle in settings for the - # user to enable/disable it - paginationToggleEnabled: true - # how long (in ms) the negotiation will be debounced after a page change. - pageChangeDebounceTime: 2500 - # video page sizes for DESKTOP endpoints. It stands for the number of SUBSCRIBER streams. - # PUBLISHERS aren't accounted for . - # A page size of 0 (zero) means that the page size is unlimited (disabled). - desktopPageSizes: - moderator: 0 - viewer: 5 - # video page sizes for MOBILE endpoints - mobilePageSizes: - moderator: 2 - viewer: 2 - paginationThresholds: - enabled: false - thresholds: - - users: 30 - desktopPageSizes: - moderator: 25 - viewer: 25 - - users: 40 - desktopPageSizes: - moderator: 20 - viewer: 20 - - users: 50 - desktopPageSizes: - moderator: 16 - viewer: 16 - - users: 60 - desktopPageSizes: - moderator: 14 - viewer: 12 - - users: 70 - desktopPageSizes: - moderator: 12 - viewer: 10 - - users: 80 - desktopPageSizes: - moderator: 10 - viewer: 8 - - users: 90 - desktopPageSizes: - moderator: 8 - viewer: 6 - - users: 100 - desktopPageSizes: - moderator: 6 - viewer: 4 - syncUsersWithConnectionManager: - enabled: false - syncInterval: 60000 - allowOutsideCommands: - toggleRecording: false - toggleSelfVoice: false - poll: - enabled: true - maxCustom: 5 - allowDragAndDropFile: false - maxTypedAnswerLength: 45 - captions: - enabled: true - enableDictation: false - backgroundColor: '#000000' - fontColor: '#FFFFFF' - fontFamily: Calibri - fontSize: 24px - takeOwnership: true - lines: 2 - time: 5000 - chat: - enabled: {{ .Env.CHAT_ENABLED }} - itemsPerPage: 100 - timeBetweenFetchs: 1000 - enableSaveAndCopyPublicChat: true - bufferChatInsertsMs: 0 - startClosed: {{ .Env.CHAT_START_CLOSED }} - min_message_length: 1 - max_message_length: 5000 - grouping_messages_window: 10000 - type_system: SYSTEM_MESSAGE - type_public: PUBLIC_ACCESS - type_private: PRIVATE_ACCESS - system_userid: SYSTEM_MESSAGE - system_username: SYSTEM_MESSAGE - public_id: public - public_group_id: MAIN-PUBLIC-GROUP-CHAT - public_userid: public_chat_userid - public_username: public_chat_username - storage_key: UNREAD_CHATS - system_messages_keys: - chat_clear: PUBLIC_CHAT_CLEAR - chat_poll_result: PUBLIC_CHAT_POLL_RESULT - typingIndicator: - enabled: true - note: - enabled: true - url: https://{{ .Env.DOMAIN }}/pad - layout: - autoSwapLayout: false - hidePresentation: false - showParticipantsOnLogin: true - media: - stunTurnServersFetchAddress: '/bigbluebutton/api/stuns' - cacheStunTurnServers: true - fallbackStunServer: '' - mediaTag: '#remote-media' - callTransferTimeout: 5000 - callHangupTimeout: 2000 - callHangupMaximumRetries: 10 - echoTestNumber: 'echo' - relayOnlyOnReconnect: false - listenOnlyCallTimeout: 25000 - #Timeout (ms) for gathering ICE candidates. When this timeout expires - #the SDP is sent to the server with the candidates the browser gathered - #so far. Increasing this value might help avoiding 1004 error when - #user activates microphone. - iceGatheringTimeout: 5000 - sipjsHackViaWs: false - # Mute/umute toggle throttle time - toggleMuteThrottleTime: 300 - #Websocket keepAlive interval (seconds). You may set this to prevent - #websocket disconnection in some environments. When set, BBB will send - #'\r\n\r\n' string through SIP.js's websocket. If not set, default value - #is 0. - websocketKeepAliveInterval: 30 - #Debounce time (seconds) for sending SIP.js's websocket keep alive message. - #If not set, default value is 10. - websocketKeepAliveDebounce: 10 - #Trace sip/audio messages in browser. If not set, default value is false. - traceSip: false - # SDP semantics: plan-b|unified-plan - sdpSemantics: 'unified-plan' - stats: - enabled: true - interval: 10000 - timeout: 30000 - log: true - notification: - warning: false - error: true - jitter: - - 10 - - 20 - - 30 - loss: - - 0.05 - - 0.1 - - 0.2 - rtt: - - 500 - - 1000 - - 2000 - level: - - warning - - danger - - critical - help: STATS_HELP_URL - presentation: - allowDownloadable: true - defaultPresentationFile: default.pdf - panZoomThrottle: 32 - restoreOnUpdate: false - uploadEndpoint: '/bigbluebutton/presentation/upload' - uploadValidMimeTypes: - - extension: .pdf - mime: application/pdf - - extension: .doc - mime: application/msword - - extension: .docx - mime: application/vnd.openxmlformats-officedocument.wordprocessingml.document - - extension: .xls - mime: application/vnd.ms-excel - - extension: .xlsx - mime: application/vnd.openxmlformats-officedocument.spreadsheetml.sheet - - extension: .ppt - mime: application/vnd.ms-powerpoint - - extension: .pptx - mime: application/vnd.openxmlformats-officedocument.presentationml.presentation - - extension: .txt - mime: text/plain - - extension: .rtf - mime: application/rtf - - extension: .odt - mime: application/vnd.oasis.opendocument.text - - extension: .ods - mime: application/vnd.oasis.opendocument.spreadsheet - - extension: .odp - mime: application/vnd.oasis.opendocument.presentation - - extension: .odg - mime: application/vnd.oasis.opendocument.graphics - - extension: .odc - mime: application/vnd.oasis.opendocument.chart - - extension: .odi - mime: application/vnd.oasis.opendocument.image - - extension: .jpg - mime: image/jpeg - - extension: .jpeg - mime: image/jpeg - - extension: .png - mime: image/png - selectRandomUser: - enabled: true - countdown: false - user: - role_moderator: MODERATOR - role_viewer: VIEWER - label: - moderator: false - mobile: true - guest: true - whiteboard: - annotationsQueueProcessInterval: 60 - cursorInterval: 150 - annotations: - status: - start: DRAW_START - update: DRAW_UPDATE - end: DRAW_END - toolbar: - multiUserPenOnly: false - colors: - - label: black - value: '#000000' - - label: white - value: '#ffffff' - - label: red - value: '#ff0000' - - label: orange - value: '#ff8800' - - label: eletricLime - value: '#ccff00' - - label: Lime - value: '#00ff00' - - label: Cyan - value: '#00ffff' - - label: dodgerBlue - value: '#0088ff' - - label: blue - value: '#0000ff' - - label: violet - value: '#8800ff' - - label: magenta - value: '#ff00ff' - - label: silver - value: '#c0c0c0' - thickness: - - value: 14 - - value: 12 - - value: 10 - - value: 8 - - value: 6 - - value: 4 - - value: 2 - - value: 1 - font_sizes: - - value: 36 - - value: 32 - - value: 28 - - value: 24 - - value: 20 - - value: 16 - tools: - - icon: text_tool - value: text - - icon: line_tool - value: line - - icon: circle_tool - value: ellipse - - icon: triangle_tool - value: triangle - - icon: rectangle_tool - value: rectangle - - icon: pen_tool - value: pencil - - icon: hand - value: hand - presenterTools: - - text - - line - - ellipse - - triangle - - rectangle - - pencil - - hand - multiUserTools: - - text - - line - - ellipse - - triangle - - rectangle - - pencil - clientLog: - server: - enabled: false - level: info - console: - enabled: true - level: debug - external: - enabled: false - level: info - url: https://LOG_HOST/html5Log - method: POST - throttleInterval: 400 - flushOnClose: true - logTag: '' -private: - analytics: - includeChat: true - app: - host: 0.0.0.0 - localesUrl: /locale-list - pencilChunkLength: 100 - loadSlidesFromHttpAlways: false - etherpad: - apikey: {{ .Env.ETHERPAD_API_KEY }} - version: 1.2.13 - host: etherpad - port: 9001 - redis: - host: redis - port: '6379' - timeout: 5000 - password: null - debug: false - metrics: - queueMetrics: false - metricsDumpIntervalMs: 60000 - metricsFolderPath: METRICS_FOLDER - removeMeetingOnEnd: true - channels: - toAkkaApps: to-akka-apps-redis-channel - toThirdParty: to-third-party-redis-channel - subscribeTo: - - to-html5-redis-channel - - from-akka-apps-[^f]* - - from-third-party-redis-channel - - from-etherpad-redis-channel - async: - - from-akka-apps-wb-redis-channel - ignored: - - CheckAlivePongSysMsg - - DoLatencyTracerMsg - serverLog: - level: info - streamerLog: false - minBrowserVersions: - - browser: chrome - version: 72 - - browser: chromeMobileIOS - version: Infinity - - browser: firefox - version: 68 - - browser: firefoxMobile - version: 68 - - browser: edge - version: 79 - - browser: ie - version: Infinity - - browser: safari - version: [12, 1] - - browser: mobileSafari - version: [12, 1] - - browser: opera - version: 50 - - browser: electron - version: [0, 36] - - browser: SamsungInternet - version: 10 - - browser: YandexBrowser - version: 19 - \ No newline at end of file diff --git a/mod/https/site-ipv4only.conf b/mod/https/site-ipv4only.conf index 8b0abff..3ab9c1c 100644 --- a/mod/https/site-ipv4only.conf +++ b/mod/https/site-ipv4only.conf @@ -16,7 +16,7 @@ server { location / { proxy_http_version 1.1; - proxy_pass http://127.0.0.1:8080; + proxy_pass http://127.0.0.1:48087; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; diff --git a/mod/https/site.conf b/mod/https/site.conf index 9b21df6..ba81f57 100644 --- a/mod/https/site.conf +++ b/mod/https/site.conf @@ -16,7 +16,7 @@ server { location / { proxy_http_version 1.1; - proxy_pass http://$endpoint_addr:8080; + proxy_pass http://$endpoint_addr:48087; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; diff --git a/mod/jodconverter/Dockerfile b/mod/jodconverter/Dockerfile index 070db8d..fdbab6f 100644 --- a/mod/jodconverter/Dockerfile +++ b/mod/jodconverter/Dockerfile @@ -9,4 +9,9 @@ RUN apt-get update && apt -y install --no-install-recommends \ fonts-noto-cjk \ fonts-liberation \ fontconfig \ - ttf-mscorefonts-installer \ No newline at end of file + ttf-mscorefonts-installer + + +# avoid "APPLICATION FAILED TO START. Config data location '/etc/app/' does not exist" +# https://github.com/bigbluebutton/docker/issues/178 +CMD ["--spring.config.additional-location=optional:/etc/app/"] \ No newline at end of file diff --git a/mod/mongo/mongod.conf b/mod/mongo/mongod.conf index bce6bd9..f791065 100644 --- a/mod/mongo/mongod.conf +++ b/mod/mongo/mongod.conf @@ -28,3 +28,6 @@ replication: setParameter: diagnosticDataCollectionEnabled: false + +security: + javascriptEnabled: false diff --git a/mod/nginx/Dockerfile b/mod/nginx/Dockerfile index 6a0e23a..21026d2 100644 --- a/mod/nginx/Dockerfile +++ b/mod/nginx/Dockerfile @@ -4,20 +4,20 @@ RUN apk add subversion git # -------------------- +ENV TAG_LEARNING_DASHBOARD v2.4.0 +RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG_LEARNING_DASHBOARD/bbb-learning-dashboard /bbb-learning-dashboard && rm -r /bbb-learning-dashboard/.svn +RUN cd /bbb-learning-dashboard && npm ci && npm run build + ENV TAG_PLAYBACK v3.1.0 ENV REACT_APP_BBB_PLAYBACK_BUILD=$TAG_PLAYBACK - -# apparently there is currently no github release & tag created -# for the latest bbb-playback version shipped with 2.3-alpha-6 -# so we use the master branch -# RUN svn checkout https://github.com/bigbluebutton/bbb-playback/tags/$TAG_PLAYBACK /bbb-playback -RUN git clone https://github.com/bigbluebutton/bbb-playback.git /bbb-playback && cd /bbb-playback && git checkout 5934114aa434aba9b73b1a4c2ce228d18f276610 -RUN cd /bbb-playback && npm install && npm run-script build +RUN svn checkout https://github.com/bigbluebutton/bbb-playback/tags/$TAG_PLAYBACK /bbb-playback && rm -r /bbb-playback/.svn +RUN cd /bbb-playback && npm ci && npm run build # -------------------- FROM nginx:1.21-alpine +COPY --from=builder /bbb-learning-dashboard/build /www/learning-dashboard COPY --from=builder /bbb-playback/build /www/playback/presentation/2.3 COPY ./bbb /etc/nginx/bbb COPY ./bigbluebutton /etc/nginx/conf.d/default.conf diff --git a/mod/nginx/bbb/bbb-html5.nginx b/mod/nginx/bbb/bbb-html5.nginx index 809635f..fefc7cf 100644 --- a/mod/nginx/bbb/bbb-html5.nginx +++ b/mod/nginx/bbb/bbb-html5.nginx @@ -25,6 +25,14 @@ location /html5client/fonts { alias /html5-static/app/fonts; } +location /html5client/wasm { + types { + application/wasm wasm; + } + gzip_static on; + alias /html5-static/app/wasm; +} + location /html5client/ { alias /html5-static; try_files $uri @html5client; diff --git a/mod/nginx/bbb/learning-dashboard.nginx b/mod/nginx/bbb/learning-dashboard.nginx new file mode 100644 index 0000000..af549bf --- /dev/null +++ b/mod/nginx/bbb/learning-dashboard.nginx @@ -0,0 +1,9 @@ +location ~ /learning-dashboard/([0-9a-f]+-[0-9]+)/(.*) { + root /var/bigbluebutton/learning-dashboard/; + autoindex off; +} + +location /learning-dashboard/ { + alias /www/learning-dashboard/; + autoindex off; +} diff --git a/mod/nginx/bbb/loadbalancer.nginx b/mod/nginx/bbb/loadbalancer.nginx new file mode 100644 index 0000000..e254118 --- /dev/null +++ b/mod/nginx/bbb/loadbalancer.nginx @@ -0,0 +1,4 @@ +# If you run this BBB node behind a proxy loadbalancer set the hostname of +# the loadbalancer here. This will be used to add CORS headers so requesting +# slides and API calls won't fail +set $bbb_loadbalancer_node ''; diff --git a/mod/nginx/bbb/notes-playback.nginx b/mod/nginx/bbb/notes-playback.nginx new file mode 100644 index 0000000..16f7c43 --- /dev/null +++ b/mod/nginx/bbb/notes-playback.nginx @@ -0,0 +1,4 @@ +location /notes { + root /var/bigbluebutton/published; + index index.html index.htm; +} \ No newline at end of file diff --git a/mod/nginx/bbb/notes.nginx b/mod/nginx/bbb/notes.nginx index 7fe3945..95bde11 100644 --- a/mod/nginx/bbb/notes.nginx +++ b/mod/nginx/bbb/notes.nginx @@ -33,7 +33,7 @@ location /pad/socket.io/socket.io.js { proxy_set_header Host $host; proxy_buffering off; } - + location /pad/socket.io { rewrite /pad/socket.io/(.*) /socket.io/$1 break; proxy_pass http://etherpad:9001/; @@ -49,10 +49,8 @@ location /pad/socket.io { proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; - # this is currently broken - # TODO: fix & reenable - #auth_request /bigbluebutton/connection/checkAuthorization; - #auth_request_set $auth_status $upstream_status; + auth_request /bigbluebutton/connection/checkAuthorization; + auth_request_set $auth_status $upstream_status; } location /static { diff --git a/mod/nginx/bbb/presentation-slides.nginx b/mod/nginx/bbb/presentation-slides.nginx index d458a1b..1ea4c4f 100644 --- a/mod/nginx/bbb/presentation-slides.nginx +++ b/mod/nginx/bbb/presentation-slides.nginx @@ -22,20 +22,32 @@ location ~^\/bigbluebutton\/presentation\/(?[A-Za-z0-9\-]+)\/(?[A-Za-z0-9\-]+)\/(?[A-Za-z0-9\-]+)\/svg\/(?\d+)$ { default_type image/svg+xml; alias /var/bigbluebutton/$meeting_id_2/$meeting_id_2/$pres_id/svgs/slide$page_num.svg; + if ($bbb_loadbalancer_node) { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + } } location ~^\/bigbluebutton\/presentation\/(?[A-Za-z0-9\-]+)\/(?[A-Za-z0-9\-]+)\/(?[A-Za-z0-9\-]+)\/slide\/(?\d+)$ { alias /var/bigbluebutton/$meeting_id_2/$meeting_id_2/$pres_id/slide-$page_num.swf; + if ($bbb_loadbalancer_node) { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + } } location ~^\/bigbluebutton\/presentation\/(?[A-Za-z0-9\-]+)\/(?[A-Za-z0-9\-]+)\/(?[A-Za-z0-9\-]+)\/thumbnail\/(?\d+)$ { default_type image/png; alias /var/bigbluebutton/$meeting_id_2/$meeting_id_2/$pres_id/thumbnails/thumb-$page_num.png; + if ($bbb_loadbalancer_node) { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + } } location ~^\/bigbluebutton\/presentation\/(?[A-Za-z0-9\-]+)\/(?[A-Za-z0-9\-]+)\/(?[A-Za-z0-9\-]+)\/textfiles\/(?\d+)$ { default_type text/plain; alias /var/bigbluebutton/$meeting_id_2/$meeting_id_2/$pres_id/textfiles/slide-$page_num.txt; + if ($bbb_loadbalancer_node) { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + } } diff --git a/mod/nginx/bbb/web.nginx b/mod/nginx/bbb/web.nginx index bc310a8..c14e5bb 100755 --- a/mod/nginx/bbb/web.nginx +++ b/mod/nginx/bbb/web.nginx @@ -7,18 +7,34 @@ proxy_redirect default; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - # Workaround IE refusal to set cookies in iframe - add_header P3P 'CP="No P3P policy available"'; + # Workaround IE refusal to set cookies in iframe + add_header P3P 'CP="No P3P policy available"'; + if ($bbb_loadbalancer_node) { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + add_header 'Access-Control-Allow-Credentials' 'true' always; + } } location ~ "^\/bigbluebutton\/presentation\/(?[a-zA-Z0-9_-]+)/upload$" { - proxy_pass http://bbb-web:8090; + # Grails can't handle CORS OPTION preflight requests correctly -> lets do this in nginx + if ($request_method = 'OPTIONS') { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + add_header 'Access-Control-Allow-Credentials' 'true' always; + add_header 'Content-Type' 'text/plain; charset=utf-8'; + add_header 'Content-Length' 0; + return 204; + } + proxy_pass http://bbb-web:8090; proxy_redirect default; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # Workaround IE refusal to set cookies in iframe - add_header P3P 'CP="No P3P policy available"'; + add_header P3P 'CP="No P3P policy available"'; + if ($bbb_loadbalancer_node) { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + add_header 'Access-Control-Allow-Credentials' 'true' always; + } # high limit for presentation as bbb-web will reject upload if larger than configured client_max_body_size 1000m; @@ -57,6 +73,9 @@ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # Workaround IE refusal to set cookies in iframe add_header P3P 'CP="No P3P policy available"'; + if ($bbb_loadbalancer_node) { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + } } location = /bigbluebutton/presentation/checkPresentation { @@ -90,6 +109,13 @@ proxy_set_header Content-Length ""; proxy_set_header X-Original-URI $request_uri; } + location = /bigbluebutton/connection/legacyCheckAuthorization { + internal; + proxy_pass http://bbb-web:8090; + proxy_pass_request_body off; + proxy_set_header Content-Length ""; + proxy_set_header X-Original-URI $request_uri; + } location = /bigbluebutton/connection/validatePad { internal; @@ -102,6 +128,9 @@ location ~ "^/bigbluebutton\/textTrack\/(?[a-zA-Z0-9]+)\/(?[a-zA-Z0-9_-]+)\/(?.+)$" { # Workaround IE refusal to set cookies in iframe add_header P3P 'CP="No P3P policy available"'; + if ($bbb_loadbalancer_node) { + add_header 'Access-Control-Allow-Origin' $bbb_loadbalancer_node always; + } # Allow 30M uploaded presentation document. client_max_body_size 30m; diff --git a/mod/nginx/bbb/webrtc-sfu.nginx b/mod/nginx/bbb/webrtc-sfu.nginx index b9d96e2..71a5a00 100644 --- a/mod/nginx/bbb/webrtc-sfu.nginx +++ b/mod/nginx/bbb/webrtc-sfu.nginx @@ -1,14 +1,22 @@ location /bbb-webrtc-sfu { + auth_request /bigbluebutton/connection/checkAuthorization; + auth_request_set $auth_status $upstream_status; + # Extra variables are annotated by bbb-web as custom headers + auth_request_set $user_id $sent_http_user_id; + auth_request_set $meeting_id $sent_http_meeting_id; + auth_request_set $voice_bridge $sent_http_voice_bridge; + proxy_pass http://webrtc-sfu:3008; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "Upgrade"; + # Following custom headers are used by bbb-webrtc-sfu + proxy_set_header User-Id $user_id; + proxy_set_header Meeting-Id $meeting_id; + proxy_set_header Voice-Bridge $voice_bridge; proxy_read_timeout 6h; proxy_send_timeout 6h; client_body_timeout 6h; send_timeout 6h; - - auth_request /bigbluebutton/connection/checkAuthorization; - auth_request_set $auth_status $upstream_status; } diff --git a/mod/nginx/bigbluebutton b/mod/nginx/bigbluebutton index 65ae22e..833ef33 100644 --- a/mod/nginx/bigbluebutton +++ b/mod/nginx/bigbluebutton @@ -10,15 +10,16 @@ upstream poolhtml5servers { server 10.7.7.201:4101 fail_timeout=120s max_fails=1; server 10.7.7.202:4102 fail_timeout=120s max_fails=1; server 10.7.7.203:4103 fail_timeout=120s max_fails=1; - server 10.7.7.204:4104 fail_timeout=120s max_fails=1; - server 10.7.7.205:4105 fail_timeout=120s max_fails=1; - server 10.7.7.206:4106 fail_timeout=120s max_fails=1; - server 10.7.7.207:4107 fail_timeout=120s max_fails=1; + # TODO: set server list based on NUMBER_OF_FRONTEND_NODEJS_PROCESSES + # server 10.7.7.204:4104 fail_timeout=120s max_fails=1; + # server 10.7.7.205:4105 fail_timeout=120s max_fails=1; + # server 10.7.7.206:4106 fail_timeout=120s max_fails=1; + # server 10.7.7.207:4107 fail_timeout=120s max_fails=1; } server { - listen 8080 default_server; - listen [::]:8080 default_server; + listen 48087 default_server; + listen [::]:48087 default_server; server_name _; access_log /dev/stdout; absolute_redirect off; diff --git a/mod/periodic/Dockerfile b/mod/periodic/Dockerfile index 95535b4..56fea76 100644 --- a/mod/periodic/Dockerfile +++ b/mod/periodic/Dockerfile @@ -1,4 +1,4 @@ -FROM debian:buster-slim +FROM debian:bullseye-slim # -- install mongo cli RUN apt-get update \ diff --git a/mod/recordings/Dockerfile b/mod/recordings/Dockerfile index c91e8aa..9e55053 100644 --- a/mod/recordings/Dockerfile +++ b/mod/recordings/Dockerfile @@ -36,7 +36,7 @@ RUN cd /tmp \ # add dockerize ENV DOCKERIZE_VERSION v0.6.1 -RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ +RUN wget -q https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ && tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ && rm dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz @@ -45,7 +45,7 @@ RUN mkdir -p \ /usr/local/bigbluebutton/core \ /etc/bigbluebutton -ENV TAG v2.3.14 +ENV TAG v2.4.0 # add bbb-record-core (lib, scripts and Gemfile) RUN cd /usr/local/bigbluebutton/core \ @@ -71,7 +71,11 @@ RUN cd /usr/local/bigbluebutton/core \ # log to file instead of journald RUN sed -i 's|Journald::Logger\.new.*|Logger.new("/var/log/bigbluebutton/recording.log")|g' /usr/local/bigbluebutton/core/lib/recordandplayback.rb && \ sed -i 's|Journald::Logger\.new.*|Logger.new("/var/log/bigbluebutton/recording.log")|g' /usr/local/bigbluebutton/core/scripts/rap-caption-inbox.rb && \ - sed -i 's|Logger\.new.*|Logger.new("/var/log/bigbluebutton/recording.log")|g' /usr/local/bigbluebutton/core/scripts/rap-process-worker.rb + sed -i 's|Logger\.new.*|Logger.new("/var/log/bigbluebutton/recording.log")|g' /usr/local/bigbluebutton/core/scripts/rap-process-worker.rb && \ + sed -i 's|Logger\.new.*|Logger.new("/var/log/bigbluebutton/recording.log")|g' /usr/local/bigbluebutton/core/scripts/archive/archive.rb && \ + sed -i 's|Logger\.new.*|Logger.new("/var/log/bigbluebutton/recording.log")|g' /usr/local/bigbluebutton/core/scripts/publish/presentation.rb && \ + sed -i 's|Logger\.new.*|Logger.new("/var/log/bigbluebutton/recording.log")|g' /usr/local/bigbluebutton/core/scripts/utils/captions.rb && \ + sed -i 's|Logger\.new.*|Logger.new("/var/log/bigbluebutton/recording.log")|g' /usr/local/bigbluebutton/core/scripts/process/presentation.rb # add bbb-record with some adjustments so bbb-record works in this environment RUN cd /usr/bin \ @@ -89,6 +93,7 @@ RUN groupadd -g 998 bigbluebutton && useradd -m -u 998 -g bigbluebutton bigblueb # https://github.com/alangecker/bigbluebutton-docker/issues/63 RUN chown -R 998:998 /usr/local/bigbluebutton +COPY bbb-web.properties /etc/bigbluebutton/bbb-web.properties.tmpl COPY bigbluebutton.yml /usr/local/bigbluebutton/core/scripts/bigbluebutton.yml.tmpl COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf COPY entrypoint.sh /entrypoint.sh diff --git a/mod/recordings/bbb-web.properties b/mod/recordings/bbb-web.properties new file mode 100644 index 0000000..c36b7e6 --- /dev/null +++ b/mod/recordings/bbb-web.properties @@ -0,0 +1 @@ +securitySalt={{ .Env.SHARED_SECRET }} \ No newline at end of file diff --git a/mod/recordings/entrypoint.sh b/mod/recordings/entrypoint.sh index 2b85140..7b73930 100755 --- a/mod/recordings/entrypoint.sh +++ b/mod/recordings/entrypoint.sh @@ -7,5 +7,6 @@ chown -R bigbluebutton:bigbluebutton /var/log/bigbluebutton dockerize \ -template /usr/local/bigbluebutton/core/scripts/bigbluebutton.yml.tmpl:/usr/local/bigbluebutton/core/scripts/bigbluebutton.yml \ + -template /etc/bigbluebutton/bbb-web.properties.tmpl:/etc/bigbluebutton/bbb-web.properties \ -stdout /var/log/bigbluebutton/recording.log \ /usr/bin/supervisord --nodaemon \ No newline at end of file diff --git a/mod/webhooks/Dockerfile b/mod/webhooks/Dockerfile index 2992d07..9d3efbd 100644 --- a/mod/webhooks/Dockerfile +++ b/mod/webhooks/Dockerfile @@ -1,8 +1,8 @@ -FROM node:12-alpine +FROM node:14-alpine # download dockerize ENV DOCKERIZE_VERSION v0.6.1 -RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ +RUN wget -q https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ && tar -C /usr/local/bin -xzvf dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ && rm dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ && apk add subversion \ @@ -13,7 +13,7 @@ RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSI USER webhooks -ENV TAG v2.3.4 +ENV TAG v2.4.0 RUN svn checkout https://github.com/bigbluebutton/bigbluebutton/tags/$TAG/bbb-webhooks /app \ && rm -rf /app/.svn \ && cd /app && npm install --production diff --git a/mod/webrtc-sfu/Dockerfile b/mod/webrtc-sfu/Dockerfile index d315afa..72884c4 100644 --- a/mod/webrtc-sfu/Dockerfile +++ b/mod/webrtc-sfu/Dockerfile @@ -1,7 +1,15 @@ -FROM node:14-alpine +FROM node:14-bullseye-slim -RUN apk add git \ - && adduser -D -u 2004 -g webrtc-sfu webrtc-sfu + +RUN apt-get update && apt-get -y install \ + git \ + make \ + python \ + python3-pip \ + g++ \ + ffmpeg + +RUN useradd --uid 2004 --user-group webrtc-sfu ADD ./bbb-webrtc-sfu app @@ -17,8 +25,10 @@ RUN cp config/default.example.yml config/production.yml \ && chown -R webrtc-sfu:webrtc-sfu config \ && rm .git \ && npm install --unsafe-perm \ - && npm cache clear --force - + && npm cache clear --force \ + && rm -rf node_modules/mediasoup/worker/out/Release/subprojects \ + && rm -rf node_modules/mediasoup/worker/out/Release/mediasoup-worker.p \ + && rm -rf node_modules/mediasoup/worker/out/Release/deps COPY docker-entrypoint.sh /app/docker-entrypoint.sh USER webrtc-sfu diff --git a/mod/webrtc-sfu/bbb-webrtc-sfu b/mod/webrtc-sfu/bbb-webrtc-sfu index 4f10ca8..4e0fa6b 160000 --- a/mod/webrtc-sfu/bbb-webrtc-sfu +++ b/mod/webrtc-sfu/bbb-webrtc-sfu @@ -1 +1 @@ -Subproject commit 4f10ca89ee638d78fee364e3932f80ed5cc7496b +Subproject commit 4e0fa6bf8ffc1bb8fbbe4fe9843651331e018188 diff --git a/sample.env b/sample.env index f9c6596..3646d11 100644 --- a/sample.env +++ b/sample.env @@ -42,10 +42,11 @@ ENABLE_GREENLIGHT=true # SECRETS # ==================================== # important! change these to any random values -SHARED_SECRET=w6y7nycPafjPhVz3gZdBpQhR4H4MvEQzcZzia5LT -ETHERPAD_API_KEY=NEQKi2eFXSBce4kyGjwAzMn2jeF66peNYQmyFVRr -RAILS_SECRET=cdfbae48b197805a435ab7881da31c642ac1a7d4d5c006441efa8125ae63865ce7c915c651117e0f14358cd98f5287c431929e0f796f4100b2b1c3eb5baad1b0 -POSTGRESQL_SECRET=4xksXUDsaqAkZFSu8HF7pFppN34yy0a9g2iSqD14 +SHARED_SECRET=SuperSecret +ETHERPAD_API_KEY=SuperEtherpadKey +RAILS_SECRET=SuperRailsSecret +POSTGRESQL_SECRET=SuperPostgresSecret +FSESL_PASSWORD=SuperFreeswitchESLPassword @@ -144,6 +145,9 @@ DISABLE_SOUND_ALONE=false # this value to be kept under 12. BREAKOUTROOM_LIMIT=8 +# set to false to disable the learning dashboard +ENABLE_LEARNING_DASHBOARD=true + # ==================================== # Tuning # ==================================== diff --git a/scripts/setup b/scripts/setup index 7a3ad6b..3f4ecdf 100755 --- a/scripts/setup +++ b/scripts/setup @@ -1,7 +1,7 @@ #!/bin/bash set -e -cd $(dirname $0)/.. +cd "$(dirname "$0")/.." if ! [ -x "$(command -v curl)" ]; then echo "Error: curl is not installed, but the setup script relies on it." @@ -79,6 +79,7 @@ then while [[ ! $prometheus_exporter_optimization =~ ^(y|n)$ ]]; do read -p "Choice (y/n): " prometheus_exporter_optimization done +fi if [ "$recording" == "y" ] then @@ -186,17 +187,14 @@ fi RANDOM_1=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 40) RANDOM_2=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 40) RANDOM_3=$(head /dev/urandom | tr -dc a-f0-9 | head -c 128) -if [ ! "$greenlight" == "y" ] -then - RANDOM_4=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 40) -fi +RANDOM_4=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 40) +RANDOM_5=$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 40) + sed -i "s/SHARED_SECRET=.*/SHARED_SECRET=$RANDOM_1/" .env sed -i "s/ETHERPAD_API_KEY=.*/ETHERPAD_API_KEY=$RANDOM_2/" .env sed -i "s/RAILS_SECRET=.*/RAILS_SECRET=$RANDOM_3/" .env -if [ ! "$greenlight" == "y" ] -then - sed -i "s/POSTGRESQL_SECRET=.*/POSTGRESQL_SECRET=$RANDOM_4/" .env -fi +sed -i "s/FSESL_PASSWORD=.*/FSESL_PASSWORD=$RANDOM_4/" .env +sed -i "s/POSTGRESQL_SECRET=.*/POSTGRESQL_SECRET=$RANDOM_5/" .env ./scripts/generate-compose diff --git a/scripts/upgrade b/scripts/upgrade index 941a288..d1fab6a 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -26,7 +26,7 @@ else echo "" echo "# pull newest images" - docker-compose pull + docker-compose pull --ignore-pull-failures echo "" echo "# rebuild images"