diff --git a/.cache/meteor/.gitkeep b/.cache/meteor/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/.cache/npm/.gitkeep b/.cache/npm/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/.gitignore b/.gitignore index aec982e5..6032faa9 100644 --- a/.gitignore +++ b/.gitignore @@ -14,5 +14,11 @@ docker-compose.override.yml # App generated .env +.env.bak postgres-data -greenlight-data \ No newline at end of file +greenlight-data + +.cache/*/** +!.cache/*/.gitkeep +data/* +!data/.gitkeep diff --git a/.gitmodules b/.gitmodules index 9065c088..310486db 100644 --- a/.gitmodules +++ b/.gitmodules @@ -22,3 +22,6 @@ [submodule "repos/bbb-pads"] path = repos/bbb-pads url = https://github.com/bigbluebutton/bbb-pads.git +[submodule "repos/bbb-webrtc-recorder"] + path = repos/bbb-webrtc-recorder + url = https://github.com/bigbluebutton/bbb-webrtc-recorder diff --git a/README.md b/README.md index e8ad7bb8..c18e2be7 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,9 @@ bbb-docker-banner -# 📦 BigBlueButton 2.7 Docker +# 📦 BigBlueButton 3.0 Docker -Version: 2.7.3 | [Changelog](CHANGELOG.md) | [Issues](https://github.com/bigbluebutton/docker/issues) | [Upgrading](docs/upgrading.md) | [Development](docs/development.md) +Version: 3.0.0-alpha.1 | [Changelog](CHANGELOG.md) | [Issues](https://github.com/bigbluebutton/docker/issues) | [Upgrading](docs/upgrading.md) | [Development](docs/development.md) ## Features - Easy installation diff --git a/data/.gitkeep b/data/.gitkeep new file mode 100644 index 00000000..e69de29b diff --git a/dev.env b/dev.env new file mode 100644 index 00000000..76c69355 --- /dev/null +++ b/dev.env @@ -0,0 +1,214 @@ +# fixed environment for an working dev setup + +# enables +# - meteor dev server +# - watch & restart of bbb-grahql-actions +# - accept self signed certificates +DEV_MODE=true + + + + +# ==================================== +# ADDITIONS to BigBlueButton +# ==================================== +# (place a '#' before to disable them) + +# HTTPS Proxy +# fully automated Lets Encrypt certificates +ENABLE_HTTPS_PROXY=true +# If your network doesn't allow access to DNS at 8.8.8.8 specify your own resolvers +#RESOLVER_ADDRESS=x.x.x.x + +# coturn (a TURN Server) +# requires either the abhove HTTPS Proxy to be enabled +# or TLS certificates to be mounted to container +ENABLE_COTURN=false +#COTURN_TLS_CERT_PATH= +#COTURN_TLS_KEY_PATH= + +# Greenlight Frontend +# https://docs.bigbluebutton.org/greenlight/gl-overview.html +ENABLE_GREENLIGHT=true + +# Enable Webhooks +# used by some integrations +ENABLE_WEBHOOKS=true + +# Prometheus Exporter +# serves the bigbluebutton-exporter under following URL: +# https://yourdomain/bbb-exporter +ENABLE_PROMETHEUS_EXPORTER=true +#ENABLE_PROMETHEUS_EXPORTER_OPTIMIZATION=true + +# Recording +# IMPORTANT: this is currently a big privacy issues, because it will +# record everything which happens in the conference, even when the button +# suggets, that it does not. +# https://github.com/bigbluebutton/bigbluebutton/issues/9202 +# make sure that you get peoples consent, before they join a room +ENABLE_RECORDING=true +#REMOVE_OLD_RECORDING=false +#RECORDING_MAX_AGE_DAYS=14 + +# ==================================== +# SECRETS +# ==================================== +# important! change these to any random values +SHARED_SECRET=SuperSecret +ETHERPAD_API_KEY=SuperEtherpadKey +RAILS_SECRET=SuperRailsSecret_SuperRailsSecret +POSTGRESQL_SECRET=SuperPostgresSecret +FSESL_PASSWORD=SuperFreeswitchESLPassword + + + +# ==================================== +# CONNECTION +# ==================================== + +DOMAIN=10.7.7.1 + +EXTERNAL_IPv4=10.7.7.1 +EXTERNAL_IPv6= + +# STUN SERVER +# stun.freeswitch.org +STUN_IP=147.182.188.245 +STUN_PORT=3478 + +# TURN SERVER +# uncomment and adjust following two lines to add an external TURN server +#TURN_SERVER=turns:localhost:465?transport=tcp +#TURN_SECRET= + +# Allowed SIP IPs +# due to high traffic caused by bots, by default the SIP port is blocked. +# but you can allow access by your providers IP or IP ranges (comma seperated) +# Hint: if you want to allow requests from every IP, you can use 0.0.0.0/0 +SIP_IP_ALLOWLIST=0.0.0.0/0 + + +# ==================================== +# CUSTOMIZATION +# ==================================== + +CLIENT_TITLE=BigBlueButton (Development) + +# use following lines to replace the default welcome message and footer +WELCOME_MESSAGE="Welcome to %%CONFNAME%%!

For help on using BigBlueButton see these (short) tutorial videos.

To join the audio bridge click the speaker button. Use a headset to avoid causing background noise for others." +WELCOME_FOOTER="This server is running BigBlueButton." + +# use following line for an additional SIP dial-in message +#WELCOME_FOOTER="This server is running BigBlueButton.

To join this meeting by phone, dial:
INSERT_YOUR_PHONE_NUMBER_HERE
Then enter %%CONFNUM%% as the conference PIN number." + +# for a different default presentation, place the pdf file in ./conf/ and +# adjust the following path +DEFAULT_PRESENTATION=./mod/nginx/default.pdf + +# language of sound announcements +# options: +# - en-ca-june - EN Canadian June +# - en-us-allison - US English Allison +# - en-us-callie - US English Callie (default) +# - de-de-daedalus3 - German by Daedalus3 (https://github.com/Daedalus3/freeswitch-german-soundfiles) +# - es-ar-mario - Spanish/Argentina Mario +# - fr-ca-june - FR Canadian June +# - pt-br-karina - Brazilian Portuguese Karina +# - ru-RU-elena - RU Russian Elena +# - ru-RU-kirill - RU Russian Kirill +# - ru-RU-vika - RU Russian Viktoriya +# - sv-se-jakob - Swedish (Sweden) Jakob +# - zh-cn-sinmei - Chinese/China Sinmei +# - zh-hk-sinmei - Chinese/Hong Kong Sinmei +SOUNDS_LANGUAGE=en-us-callie + +# set to false to disable listenOnlyMode +LISTEN_ONLY_MODE=true + +# set to true to disable echo test +DISABLE_ECHO_TEST=false + +# set to true to automatically share webcam +AUTO_SHARE_WEBCAM=false + +# set to true to disable video preview for webcam sharing +DISABLE_VIDEO_PREVIEW=false + +# set to false to disable chat +CHAT_ENABLED=true + +# set to true to start chat closed +CHAT_START_CLOSED=false + +# set to true to disable announcements "You are now (un-)muted" +DISABLE_SOUND_MUTED=false + +# set to true to disable announcement "You are the only person in this conference" +DISABLE_SOUND_ALONE=false + +# maximum count of breakout rooms per meeting +# Warning: increasing the limit of breakout rooms per meeting +# can generate excessive overhead to the server. We recommend +# this value to be kept under 12. +BREAKOUTROOM_LIMIT=8 + +# set to false to disable the learning dashboard +ENABLE_LEARNING_DASHBOARD=true + +# ==================================== +# Tuning +# ==================================== +# Default = 2; Min = 1; Max = 4 +# On powerful systems with high number of meetings you can set values up to 4 to accelerate handling of events +NUMBER_OF_BACKEND_NODEJS_PROCESSES=1 + +# Default = 2; Min = 1; Max = 8 +# Set a number between 1 and 4 times the value of NUMBER_OF_BACKEND_NODEJS_PROCESSES where higher number helps with meetings +# stretching the recommended number of users in BigBlueButton +NUMBER_OF_FRONTEND_NODEJS_PROCESSES=1 + + +# ==================================== +# GREENLIGHT CONFIGURATION +# ==================================== + +### SMTP CONFIGURATION +# Emails are required for the basic features of Greenlight to function. +# Please refer to your SMTP provider to get the values for the variables below +#SMTP_SENDER_EMAIL= +#SMTP_SENDER_NAME= +#SMTP_SERVER= +#SMTP_PORT= +#SMTP_DOMAIN= +#SMTP_USERNAME= +#SMTP_PASSWORD= +#SMTP_AUTH= +#SMTP_STARTTLS_AUTO=true +#SMTP_STARTTLS=false +#SMTP_TLS=false +#SMTP_SSL_VERIFY=true + +### EXTERNAL AUTHENTICATION METHODS +# +#OPENID_CONNECT_CLIENT_ID= +#OPENID_CONNECT_CLIENT_SECRET= +#OPENID_CONNECT_ISSUER= +#OPENID_CONNECT_REDIRECT= + +# To enable hCaptcha on the user sign up and sign in, define these 2 keys +#HCAPTCHA_SITE_KEY= +#HCAPTCHA_SECRET_KEY= + +# Set these if you are using a Simple Storage Service (S3) +# Uncomment S3_ENDPOINT only if you are using a S3 OTHER than Amazon Web Service (AWS) S3. +#S3_ACCESS_KEY_ID= +#S3_SECRET_ACCESS_KEY= +#S3_REGION= +#S3_BUCKET= +#S3_ENDPOINT= + +# Define the default locale language code (i.e. 'en' for English) from the fallowing list: +# [en, ar, fr, es] +#DEFAULT_LOCALE=en + diff --git a/docker-compose.tmpl.yml b/docker-compose.tmpl.yml index aef1b682..dae585d9 100644 --- a/docker-compose.tmpl.yml +++ b/docker-compose.tmpl.yml @@ -12,7 +12,7 @@ x-html5-backend: &html5backend additional_contexts: - source=./repos/bigbluebutton/bigbluebutton-html5 args: - BBB_BUILD_TAG: bbb27-2023-06-13-java17 + BBB_BUILD_TAG: {{ .Env.BBB_BUILD_TAG }} TAG_BBB: {{ .Env.TAG_BBB }} image: alangecker/bbb-docker-html5:{{ .Env.TAG_BBB }} restart: unless-stopped @@ -51,7 +51,7 @@ services: - src-common-message=./repos/bigbluebutton/bbb-common-message - src-common-web=./repos/bigbluebutton/bbb-common-web args: - BBB_BUILD_TAG: bbb27-2023-06-13-java17 + BBB_BUILD_TAG: {{ .Env.BBB_BUILD_TAG }} image: alangecker/bbb-docker-web:{{ .Env.TAG_BBB }} restart: unless-stopped depends_on: @@ -74,13 +74,41 @@ services: ENABLE_LEARNING_DASHBOARD: ${ENABLE_LEARNING_DASHBOARD:-true} NUMBER_OF_BACKEND_NODEJS_PROCESSES: {{ .Env.NUMBER_OF_BACKEND_NODEJS_PROCESSES }} volumes: - - bigbluebutton:/var/bigbluebutton - - vol-freeswitch:/var/freeswitch/meetings + - ./data/bigbluebutton:/var/bigbluebutton + - ./data/freeswitch-meetings:/var/freeswitch/meetings networks: bbb-net: ipv4_address: 10.7.7.2 +{{ if isTrue .Env.DEV_MODE }} + html5-dev: + build: + context: mod/html5 + dockerfile: Dockerfile.dev + args: + BBB_BUILD_TAG: {{ .Env.BBB_BUILD_TAG }} + user: ${BBB_DOCKER_USER} + restart: unless-stopped + depends_on: + - redis + - mongodb + - etherpad + volumes: + - ./repos/bigbluebutton/bigbluebutton-html5:/app/:rw + - ./.cache/npm:/tmp/.npm:rw + - ./.cache/meteor:/tmp/.meteor:rw + - ./mod/html5/bbb-html5.yml:/tmp/bbb-html5.yml.tmpl + environment: + <<: *html5backend-env + HOME: /tmp + BBB_HTML5_ROLE: "" + networks: + bbb-net: + ipv4_address: 10.7.7.200 + + +{{ else }} {{ range $i := loop 0 (atoi .Env.NUMBER_OF_BACKEND_NODEJS_PROCESSES) }} html5-backend-{{ add $i 1 }}: <<: *html5backend @@ -105,6 +133,8 @@ services: ipv4_address: 10.7.7.{{ add 200 $i }} {{end}} +{{ end }} + freeswitch: container_name: bbb-freeswitch @@ -115,7 +145,7 @@ services: - build-files=./repos/bigbluebutton/build/packages-template/bbb-freeswitch-core/ - fs-config=./repos/bigbluebutton/bbb-voice-conference/config/freeswitch/conf/ args: - BBB_BUILD_TAG: bbb27-2023-06-13-java17 + BBB_BUILD_TAG: {{ .Env.BBB_BUILD_TAG }} image: alangecker/bbb-docker-freeswitch:{{ .Env.TAG_FREESWITCH }}-{{ .Env.TAG_BBB }} restart: unless-stopped cap_add: @@ -137,7 +167,7 @@ services: volumes: - ./conf/sip_profiles:/etc/freeswitch/sip_profiles/external - ./conf/dialplan_public:/etc/freeswitch/dialplan/public_docker - - vol-freeswitch:/var/freeswitch/meetings + - ./data/freeswitch-meetings:/var/freeswitch/meetings network_mode: host logging: # reduce logs to a minimum, so `docker compose logs -f` still works @@ -154,17 +184,26 @@ services: - src-learning-dashboard=./repos/bigbluebutton/bbb-learning-dashboard - src-playback=./repos/bbb-playback args: - BBB_BUILD_TAG: bbb27-2023-06-13-java17 - image: alangecker/bbb-docker-nginx:1.23-{{ .Env.TAG_PLAYBACK }}-{{ .Env.TAG_BBB }} + BBB_BUILD_TAG: {{ .Env.BBB_BUILD_TAG }} + image: alangecker/bbb-docker-nginx:1.25-{{ .Env.TAG_PLAYBACK }}-{{ .Env.TAG_BBB }} restart: unless-stopped depends_on: - etherpad - webrtc-sfu + {{ if isTrue .Env.DEV_MODE }} + - html5-dev + {{ else }} - html5-backend-1 + {{ end }} volumes: - - bigbluebutton:/var/bigbluebutton + - ./data/bigbluebutton:/var/bigbluebutton - html5-static:/html5-static:ro - ${DEFAULT_PRESENTATION:-/dev/null}:/www/default.pdf + + {{ if isTrue .Env.DEV_MODE }} + # don't let nginx directly serve static files + - ./mod/nginx/bbb-html5.dev.nginx:/etc/nginx/bbb/bbb-html5.nginx:ro + {{ end }} network_mode: host extra_hosts: - "host.docker.internal:10.7.7.1" @@ -221,8 +260,7 @@ services: ipv4_address: 10.7.7.5 mongodb: - container_name: bbb-mongodb - image: mongo:4.4 + image: mongo:6.0 restart: unless-stopped volumes: - ./mod/mongo/mongod.conf:/etc/mongod.conf @@ -237,36 +275,35 @@ services: bbb-net: ipv4_address: 10.7.7.6 - # TODO: remove as soon as not required anymore by webrtc-sfu - kurento: - image: kurento/kurento-media-server:6.18 - restart: unless-stopped - network_mode: host - volumes: - - vol-kurento:/var/kurento - webrtc-sfu: build: context: mod/webrtc-sfu additional_contexts: - source=./repos/bbb-webrtc-sfu args: - BBB_BUILD_TAG: bbb27-2023-06-13-java17 + BBB_BUILD_TAG: {{ .Env.BBB_BUILD_TAG }} image: alangecker/bbb-docker-webrtc-sfu:{{ .Env.TAG_WEBRTC_SFU }} restart: unless-stopped depends_on: - redis - freeswitch - - kurento environment: CLIENT_HOST: 10.7.7.1 REDIS_HOST: 10.7.7.5 FREESWITCH_IP: 10.7.7.1 FREESWITCH_SIP_IP: ${EXTERNAL_IPv4} MCS_HOST: 0.0.0.0 - MCS_ADDRESS: 127.0.0.1 + MCS_ADDRESS: 0.0.0.0 ESL_IP: 10.7.7.1 ESL_PASSWORD: ${FSESL_PASSWORD:-ClueCon} + RECORDING_ADAPTER: bbb-webrtc-recorder + RECORD_WEBCAMS: "true" + KURENTO: '[]' + + # avoid logging to a file + LOG_FILENAME: /dev/stdout + LOG_STDOUT_ENABLED: false + # TODO: add mediasoup IPv6 # TODO: can listen to 0.0.0.0 for nat support? https://github.com/versatica/mediasoup/issues/487 {{ if .Env.EXTERNAL_IPv6 }} @@ -276,9 +313,7 @@ services: {{end}} MS_RTP_LISTEN_IP: '{"ip":"0.0.0.0", "announcedIp":"${EXTERNAL_IPv4}"}' volumes: - - vol-mediasoup:/var/mediasoup - tmpfs: - - /var/log/bbb-webrtc-sfu + - ./data/mediasoup:/var/mediasoup network_mode: host fsesl-akka: @@ -289,7 +324,7 @@ services: - src-fsesl-client=./repos/bigbluebutton/bbb-fsesl-client - src-fsesl-akka=./repos/bigbluebutton/akka-bbb-fsesl args: - BBB_BUILD_TAG: bbb27-2023-06-13-java17 + BBB_BUILD_TAG: {{ .Env.BBB_BUILD_TAG }} image: alangecker/bbb-docker-fsesl-akka:{{ .Env.TAG_BBB }} restart: unless-stopped depends_on: @@ -308,20 +343,88 @@ services: - src-common-message=./repos/bigbluebutton/bbb-common-message - src-apps-akka=./repos/bigbluebutton/akka-bbb-apps args: - BBB_BUILD_TAG: bbb27-2023-06-13-java17 + BBB_BUILD_TAG: {{ .Env.BBB_BUILD_TAG }} image: alangecker/bbb-docker-apps-akka:{{ .Env.TAG_BBB }} restart: unless-stopped depends_on: - redis + - postgres environment: DOMAIN: ${DOMAIN} SHARED_SECRET: ${SHARED_SECRET} + POSTGRES_PASSWORD: ${POSTGRESQL_SECRET:-password} volumes: - - vol-freeswitch:/var/freeswitch/meetings + - ./data/freeswitch-meetings:/var/freeswitch/meetings + - ./conf/settings.yml:/etc/bigbluebutton/bbb-html5.yml:ro networks: bbb-net: ipv4_address: 10.7.7.15 + bbb-graphql-server: + build: + context: mod/bbb-graphql-server + additional_contexts: + - src=./repos/bigbluebutton/bbb-graphql-server + args: + BBB_BUILD_TAG: {{ .Env.BBB_BUILD_TAG }} + depends_on: + - postgres + restart: unless-stopped + environment: + POSTGRES_USER: postgres + POSTGRES_PASSWORD: ${POSTGRESQL_SECRET:-password} + networks: + bbb-net: + ipv4_address: 10.7.7.31 + + extra_hosts: + - "bbb-web:10.7.7.2" + - "bbb-graphql-actions:10.7.7.30" + + bbb-graphql-actions: + build: + context: mod/bbb-graphql-actions + {{ if isTrue .Env.DEV_MODE }} + dockerfile: Dockerfile.dev + {{ else }} + additional_contexts: + - src=./repos/bigbluebutton/bbb-graphql-actions + {{ end }} + args: + BBB_BUILD_TAG: {{ .Env.BBB_BUILD_TAG }} + restart: unless-stopped + depends_on: + - redis + environment: + BBB_REDIS_HOST: redis + networks: + bbb-net: + ipv4_address: 10.7.7.30 + {{ if isTrue .Env.DEV_MODE }} + volumes: + - ./repos/bigbluebutton/bbb-graphql-actions:/app/:rw + - ./.cache/npm:/tmp/.npm:rw + {{ end }} + + bbb-graphql-middleware: + build: + context: mod/bbb-graphql-middleware + additional_contexts: + - src=./repos/bigbluebutton/bbb-graphql-middleware + args: + BBB_BUILD_TAG: {{ .Env.BBB_BUILD_TAG }} + restart: unless-stopped + depends_on: + - bbb-graphql-server + - redis + environment: + BBB_GRAPHQL_MIDDLEWARE_LISTEN_PORT: 8378 + BBB_GRAPHQL_MIDDLEWARE_REDIS_ADDRESS: 10.7.7.5:6379 + BBB_GRAPHQL_MIDDLEWARE_HASURA_WS: ws://bbb-graphql-server:8080/v1/graphql + networks: + bbb-net: + ipv4_address: 10.7.7.32 + jodconverter: build: mod/jodconverter image: alangecker/bbb-docker-jodconverter:latest @@ -346,8 +449,8 @@ services: - mongodb volumes: - /var/run/docker.sock:/var/run/docker.sock - - bigbluebutton:/var/bigbluebutton - - vol-mediasoup:/var/mediasoup + - ./data/bigbluebutton:/var/bigbluebutton + - ./data/mediasoup:/var/mediasoup tmpfs: - /var/log/bigbluebutton environment: @@ -368,7 +471,7 @@ services: - presentation=./repos/bigbluebutton/record-and-playback/presentation - bbb-conf=./repos/bigbluebutton/bigbluebutton-config args: - BBB_BUILD_TAG: bbb27-2023-06-13-java17 + BBB_BUILD_TAG: {{ .Env.BBB_BUILD_TAG }} TAG_BBB_PRESENTATION_VIDEO: "4.0.3" image: alangecker/bbb-docker-recordings:{{ .Env.TAG_BBB }} restart: unless-stopped @@ -379,16 +482,31 @@ services: DOMAIN: ${DOMAIN} SHARED_SECRET: ${SHARED_SECRET} volumes: - - bigbluebutton:/var/bigbluebutton - - vol-freeswitch:/var/freeswitch/meetings - - vol-mediasoup:/var/mediasoup - - vol-kurento:/var/kurento + - ./data/bigbluebutton:/var/bigbluebutton + - ./data/freeswitch-meetings:/var/freeswitch/meetings + - ./data/mediasoup:/var/mediasoup + - ./data/bbb-webrtc-recorder:/var/lib/bbb-webrtc-recorder tmpfs: - /var/log/bigbluebutton - /tmp networks: bbb-net: ipv4_address: 10.7.7.16 + + bbb-webrtc-recorder: + build: + context: mod/bbb-webrtc-recorder + additional_contexts: + - src=./repos/bbb-webrtc-recorder + image: alangecker/bbb-docker-webrtc-recorder:{{ .Env.TAG_WEBRTC_RECORDER }} + depends_on: + - redis + volumes: + - ./mod/bbb-webrtc-recorder/bbb-webrtc-recorder.yml:/etc/bbb-webrtc-recorder/bbb-webrtc-recorder.yml + - ./data/bbb-webrtc-recorder:/var/lib/bbb-webrtc-recorder + networks: + bbb-net: + ipv4_address: 10.7.7.19 {{end}} {{ if isTrue .Env.ENABLE_WEBHOOKS }} @@ -483,16 +601,17 @@ services: SECRET_KEY_BASE: ${RAILS_SECRET} RELATIVE_URL_ROOT: / volumes: - - ./greenlight-data:/usr/src/app/storage + - ./data/greenlight:/usr/src/app/storage networks: bbb-net: ipv4_address: 10.7.7.21 +{{end}} postgres: - image: postgres:12-alpine + image: postgres:16-alpine restart: unless-stopped environment: - POSTGRES_DB: greenlight-v3 + POSTGRES_MULTIPLE_DATABASES: bbb_graphql,hasura_app,greenlight POSTGRES_USER: postgres POSTGRES_PASSWORD: ${POSTGRESQL_SECRET:-password} healthcheck: @@ -501,11 +620,11 @@ services: timeout: 5s retries: 5 volumes: - - ./postgres-data:/var/lib/postgresql/data + - ./data/postgres:/var/lib/postgresql/data + - ./mod/postgres/initdb.sh:/docker-entrypoint-initdb.d/initdb.sh networks: bbb-net: ipv4_address: 10.7.7.22 -{{end}} {{ if isTrue .Env.ENABLE_PROMETHEUS_EXPORTER }} # prometheus @@ -521,7 +640,7 @@ services: ipv4_address: 10.7.7.33 {{ if isTrue .Env.ENABLE_PROMETHEUS_EXPORTER_OPTIMIZATION }} volumes: - - bigbluebutton:/var/bigbluebutton:ro + - ./data/bigbluebutton:/var/bigbluebutton:ro {{end}} # the exporter requires /etc/bigbluebutton/bigbluebutton-release @@ -532,10 +651,6 @@ services: volumes: - bigbluebutton: - vol-freeswitch: - vol-kurento: - vol-mediasoup: html5-static: {{ if isTrue .Env.ENABLE_HTTPS_PROXY }} ssl_data: diff --git a/docs/development.md b/docs/development.md index c791b1bd..ca5a3a91 100644 --- a/docs/development.md +++ b/docs/development.md @@ -1,50 +1,29 @@ # bbb-docker Development ## Basics -normally people start BBB with the pre-built docker images, but for developing you need to build them by yourself. For that you need to ensure that the submodules are also checked out: +normally people start BBB with the pre-built docker images, but for developing you need to build them by yourself. For that you need to ensure that the submodules are also checked out ```sh -$ git submodule update --init +$ git clone --recurse-submodules https://github.com/bigbluebutton/docker.git bbb-dev +$ cd bbb-dev ``` - ## Running -you can run bbb-docker locally without any certificate issues with following `.env` configurations: - -``` -DEV_MODE=true - -ENABLE_HTTPS_PROXY=true -#ENABLE_COTURN=true -#ENABLE_GREENLIGHT=true -#ENABLE_WEBHOOKS=true -#ENABLE_PROMETHEUS_EXPORTER=true -#ENABLE_RECORDING=true - -DOMAIN=10.7.7.1 -EXTERNAL_IPv4=10.7.7.1 -STUN_IP=216.93.246.18 -STUN_PORT=3478 -TURN_SERVER=turns:localhost:5349?transport=tcp +you can now run bbb-docker locally by simply starting -TURN_SECRET=SuperTurnSecret -SHARED_SECRET=SuperSecret -ETHERPAD_API_KEY=SuperEtherpadKey -RAILS_SECRET=SuperRailsSecret_SuperRailsSecret - -# ==================================== -# CUSTOMIZATION -# ==================================== - -[... add rest of sample.env here ...] +```sh +$ ./scripts/dev ``` -- regenerate `docker-compose.yml` \ +### Hints +- the html5 component will watch and automatically reload on any changes 🚀 +- if you change anything in the other components, you need to + * manually rebuilt it \ + `$ docker compose build CONTAINERNAME` + * restart it \ + `$ docker compose up -d CONTAINERNAME` +- if you change any variable in .env, always run following to rebuild the `docker-compose.yml`` `$ ./scripts/generate-compose` -- build the images \ - `$ docker compose build` -- you can than start it with \ - `$ docker compose up -d` - view the logs with \ `$ docker compose logs -f` - and access the API via \ @@ -55,16 +34,6 @@ RAILS_SECRET=SuperRailsSecret_SuperRailsSecret ## Notes - Due to the self signed ssl certificate it is currently not possible to notify greenlight about recordings in dev mode -## Changes -- After doing some changes you usually must... - - recreate `docker-compose.yml` \ - `$ ./scripts/generate-compose` - * rebuild the image(s): \ - `$ docker compose build [containername]` - * restart changes image(s): \ - `$ docker compose up -d` - - ## How to do create a new update for a newer BBB release? This always consists out of following steps 1. **Get an understanding about changes that happened and find out what changes to bbb-docker that require.** \ diff --git a/mod/apps-akka/Dockerfile b/mod/apps-akka/Dockerfile index fcd876c6..6d9df358 100644 --- a/mod/apps-akka/Dockerfile +++ b/mod/apps-akka/Dockerfile @@ -26,5 +26,6 @@ COPY bbb-apps-akka.conf /etc/bigbluebutton/bbb-apps-akka.conf.tmpl COPY logback.xml /bbb-apps-akka/conf/logback.xml COPY entrypoint.sh /entrypoint.sh +COPY settings.yml /usr/share/meteor/bundle/programs/server/assets/app/config/settings.yml USER bigbluebutton ENTRYPOINT /entrypoint.sh diff --git a/mod/apps-akka/bbb-apps-akka.conf b/mod/apps-akka/bbb-apps-akka.conf index d05cebc5..2a7a4740 100644 --- a/mod/apps-akka/bbb-apps-akka.conf +++ b/mod/apps-akka/bbb-apps-akka.conf @@ -11,4 +11,14 @@ services { } http { interface = "0.0.0.0" +} + +postgres { + properties = { + serverName = "10.7.7.22" + portNumber = "5432" + databaseName = "bbb_graphql" + user = "postgres" + password = "POSTGRES_PASSWORD" + } } \ No newline at end of file diff --git a/mod/apps-akka/entrypoint.sh b/mod/apps-akka/entrypoint.sh index 3938a7ca..d6d2b5a1 100755 --- a/mod/apps-akka/entrypoint.sh +++ b/mod/apps-akka/entrypoint.sh @@ -4,6 +4,7 @@ TARGET=/etc/bigbluebutton/bbb-apps-akka.conf cp /etc/bigbluebutton/bbb-apps-akka.conf.tmpl $TARGET sed -i "s/DOMAIN/$DOMAIN/" $TARGET sed -i "s/SHARED_SECRET/$SHARED_SECRET/" $TARGET +sed -i "s/POSTGRES_PASSWORD/$POSTGRES_PASSWORD/" $TARGET cd /bbb-apps-akka /bbb-apps-akka/bin/bbb-apps-akka \ No newline at end of file diff --git a/mod/apps-akka/logback.xml b/mod/apps-akka/logback.xml index 0d9c0047..c29b1fbb 100644 --- a/mod/apps-akka/logback.xml +++ b/mod/apps-akka/logback.xml @@ -9,8 +9,10 @@ + - + + diff --git a/mod/apps-akka/settings.yml b/mod/apps-akka/settings.yml new file mode 100644 index 00000000..58c4cef6 --- /dev/null +++ b/mod/apps-akka/settings.yml @@ -0,0 +1,7 @@ +# just the default values required for gettting apps-akka running + +# use ./conf/sertings.yml for modifying anything +public: + plugins: [] + userReaction: + expire: 30 \ No newline at end of file diff --git a/mod/bbb-graphql-actions/Dockerfile b/mod/bbb-graphql-actions/Dockerfile new file mode 100644 index 00000000..97c2a614 --- /dev/null +++ b/mod/bbb-graphql-actions/Dockerfile @@ -0,0 +1,32 @@ +ARG BBB_BUILD_TAG +FROM bigbluebutton/bbb-build:$BBB_BUILD_TAG AS builder + +COPY --from=src ./ /src +RUN cd /src && \ + npm ci --no-progress && \ + npm run build + +# delete node_modules (it should create a fresh one inside /src/dist/) +RUN rm -rf /src/node_modules + +RUN cd /src/dist && \ + mv index.js bbb-graphql-actions.js && \ + cp ../package.json ../package-lock.json . && \ + npm ci --no-progress --omit=dev + + +# ------------------------------ +FROM node:18-bookworm-slim + +COPY --from=builder /src/dist /app + +RUN groupadd -g 2062 app \ + && useradd -m -u 2063 -g app app + +USER app + +WORKDIR /app + +ENV SERVER_HOST 0.0.0.0 + +CMD [ "node", "/app/bbb-graphql-actions.js" ] \ No newline at end of file diff --git a/mod/bbb-graphql-actions/Dockerfile.dev b/mod/bbb-graphql-actions/Dockerfile.dev new file mode 100644 index 00000000..52147f7a --- /dev/null +++ b/mod/bbb-graphql-actions/Dockerfile.dev @@ -0,0 +1,14 @@ +ARG BBB_BUILD_TAG +FROM bigbluebutton/bbb-build:$BBB_BUILD_TAG AS builder + +RUN apt-get update && apt-get install -y gosu + +# allow any user to use node in /root/.nvm +RUN chmod 755 /root + +COPY dev-entrypoint.sh /dev-entrypoint.sh +ENTRYPOINT [ "/dev-entrypoint.sh" ] + +WORKDIR /app +ENV SERVER_HOST 0.0.0.0 +CMD [ "npm install && npm start" ] \ No newline at end of file diff --git a/mod/bbb-graphql-actions/dev-entrypoint.sh b/mod/bbb-graphql-actions/dev-entrypoint.sh new file mode 100755 index 00000000..7c3700c2 --- /dev/null +++ b/mod/bbb-graphql-actions/dev-entrypoint.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +# get owner of /app +OWNER="$(stat -c '%u' "/app")" +GROUP="$(stat -c '%g' "/app")" +useradd --home-dir /tmp -u $OWNER user || /bin/true + +# run with same user to avoid any issues +# with file permissions +. /root/.nvm/nvm.sh +gosu $OWNER:$GROUP bash -c "$@" + diff --git a/mod/bbb-graphql-middleware/Dockerfile b/mod/bbb-graphql-middleware/Dockerfile new file mode 100644 index 00000000..22244e33 --- /dev/null +++ b/mod/bbb-graphql-middleware/Dockerfile @@ -0,0 +1,11 @@ +ARG BBB_BUILD_TAG +FROM bigbluebutton/bbb-build:$BBB_BUILD_TAG AS builder + +COPY --from=src / /src/ +RUN cd /src/ && ./local-build.sh + + +# ------------------------------ +FROM alpine +COPY --from=builder /src/bbb-graphql-middleware /app/bbb-graphql-middleware +CMD [ "/app/bbb-graphql-middleware" ] \ No newline at end of file diff --git a/mod/bbb-graphql-server/Dockerfile b/mod/bbb-graphql-server/Dockerfile new file mode 100644 index 00000000..f39bf7d6 --- /dev/null +++ b/mod/bbb-graphql-server/Dockerfile @@ -0,0 +1,24 @@ +ARG BBB_BUILD_TAG +FROM bigbluebutton/bbb-build:$BBB_BUILD_TAG AS builder + +RUN mkdir -p /hasura-cli && cd /hasura-cli && npm install hasura-cli +RUN wget -qO /usr/local/bin/yq https://github.com/mikefarah/yq/releases/latest/download/yq_linux_amd64 && chmod a+x /usr/local/bin/yq + +# ---------------------------- +FROM hasura/graphql-engine:v2.36.0 + +# install netstat +RUN apt-get update && apt-get install -y net-tools gosu + +COPY --from=builder /usr/local/bin/yq /usr/local/bin/yq +COPY --from=builder /hasura-cli/node_modules/hasura-cli/hasura /usr/local/bin/hansura + +COPY --from=src /bbb_schema.sql /app/ +COPY --from=src /metadata /app/metadata + +COPY config.yaml /app/config.yaml +COPY entrypoint.sh /entrypoint.sh +COPY start.sh /app/start.sh + +ENTRYPOINT [ "/entrypoint.sh" ] +CMD [ "/app/start.sh" ] diff --git a/mod/bbb-graphql-server/config.yaml b/mod/bbb-graphql-server/config.yaml new file mode 100644 index 00000000..183404ee --- /dev/null +++ b/mod/bbb-graphql-server/config.yaml @@ -0,0 +1,7 @@ +version: 3 +endpoint: http://localhost:8080 +admin_secret: bigbluebutton +metadata_directory: metadata +actions: + kind: synchronous + handler_webhook_baseurl: http://localhost:3000 diff --git a/mod/bbb-graphql-server/entrypoint.sh b/mod/bbb-graphql-server/entrypoint.sh new file mode 100755 index 00000000..ff281dde --- /dev/null +++ b/mod/bbb-graphql-server/entrypoint.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +# for psql +export PGHOST=postgres +export PGUSER="${POSTGRES_USER}" +export PGPASSWORD="${POSTGRES_PASSWORD}" + + +# for hasura +export HASURA_GRAPHQL_DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/hasura_app +export HASURA_GRAPHQL_METADATA_DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/hasura_app +export HASURA_GRAPHQL_LOG_LEVEL=warn +export HASURA_GRAPHQL_ENABLE_CONSOLE=false +export HASURA_GRAPHQL_LIVE_QUERIES_MULTIPLEXED_REFETCH_INTERVAL=250 +export HASURA_GRAPHQL_STREAMING_QUERIES_MULTIPLEXED_REFETCH_INTERVAL=100 +export HASURA_GRAPHQL_ADMIN_SECRET=bigbluebutton # TODO: improve security +export HASURA_GRAPHQL_ENABLE_TELEMETRY=false +export HASURA_GRAPHQL_AUTH_HOOK=http://bbb-web:8090/bigbluebutton/connection/checkGraphqlAuthorization +export HASURA_BBB_GRAPHQL_ACTIONS_ADAPTER_URL=http://bbb-graphql-actions:8093 + + +exec $@ \ No newline at end of file diff --git a/mod/bbb-graphql-server/start.sh b/mod/bbb-graphql-server/start.sh new file mode 100755 index 00000000..25796841 --- /dev/null +++ b/mod/bbb-graphql-server/start.sh @@ -0,0 +1,39 @@ +#!/bin/bash + +cd /app/ + +# patch database url +# TODO: this should be possible via an environment variable +yq e -i '.[1].configuration.connection_info.database_url.connection_parameters.host = "postgres"' metadata/databases/databases.yaml +yq e -i ".[1].configuration.connection_info.database_url.connection_parameters.password = \"${POSTGRES_PASSWORD}\"" metadata/databases/databases.yaml + + +echo "SELECT 'CREATE DATABASE hasura_app' WHERE NOT EXISTS (SELECT FROM pg_database WHERE datname = 'hasura_app')\gexec" | psql + +echo "Restarting database bbb_graphql" +psql -c "SELECT pg_terminate_backend(pg_stat_activity.pid) FROM pg_stat_activity WHERE datname = 'bbb_graphql'" > /dev/null +psql -c "drop database if exists bbb_graphql with (force)" +psql -c "create database bbb_graphql WITH TEMPLATE template0 LC_COLLATE 'C.UTF-8'" +psql -c "alter database bbb_graphql set timezone to 'UTC'" + +echo "Creating tables in bbb_graphql" +psql -U postgres -d bbb_graphql -q -f bbb_schema.sql --set ON_ERROR_STOP=on + +echo "Starting hasura-graphql-engine" +gosu nobody graphql-engine serve & +PID=$! + +sleep 1 + + +#Check if Hasura is ready before applying metadata +HASURA_PORT=8080 +while ! netstat -tuln | grep ":$HASURA_PORT " > /dev/null; do + echo "Waiting for Hasura's port ($HASURA_PORT) to be ready..." + sleep 1 +done + +echo "Applying new metadata to Hasura" +/usr/local/bin/hansura metadata apply --skip-update-check + +wait "$PID" \ No newline at end of file diff --git a/mod/bbb-pads/Dockerfile b/mod/bbb-pads/Dockerfile index 61096756..7498a105 100644 --- a/mod/bbb-pads/Dockerfile +++ b/mod/bbb-pads/Dockerfile @@ -1,4 +1,4 @@ -FROM node:18-bullseye-slim AS builder +FROM node:18-bookworm-slim AS builder COPY --from=src / /bbb-pads RUN cd /bbb-pads && rm -r .git && npm install --production @@ -7,7 +7,7 @@ RUN cd /bbb-pads && rm -r .git && npm install --production RUN chmod 777 /bbb-pads/config # ------------------------------ -FROM node:18-bullseye-slim +FROM node:18-bookworm-slim RUN apt update && apt install -y jq moreutils \ && useradd --uid 2003 --create-home --user-group bbb-pads diff --git a/mod/bbb-web/bbb-web.properties b/mod/bbb-web/bbb-web.properties index 0f500d22..2c51aad9 100644 --- a/mod/bbb-web/bbb-web.properties +++ b/mod/bbb-web/bbb-web.properties @@ -15,6 +15,8 @@ redisHost=redis {{ if isTrue .Env.DEV_MODE }} beans.presentationService.defaultUploadedPresentation=https://test.bigbluebutton.org/default.pdf +# fetch presentations without HTTPS +presentationBaseURL=http://{{ .Env.DOMAIN }}/bigbluebutton/presentation {{else}} beans.presentationService.defaultUploadedPresentation=${bigbluebutton.web.serverURL}/default.pdf {{end}} diff --git a/mod/bbb-webrtc-recorder/Dockerfile b/mod/bbb-webrtc-recorder/Dockerfile new file mode 100644 index 00000000..bfe04a09 --- /dev/null +++ b/mod/bbb-webrtc-recorder/Dockerfile @@ -0,0 +1,35 @@ +# Build stage +FROM golang:1.19 as builder + +ARG APP_VERSION=devel +ARG GOMOD=github.com/bigbluebutton/bbb-webrtc-recorder + +WORKDIR /app + +COPY --from=src go.* ./ + +RUN go mod tidy + +COPY --from=src . ./ + +RUN go build -o ./build/bbb-webrtc-recorder \ + -buildvcs=false \ + -ldflags="-X '${GOMOD}/internal.AppVersion=${APP_VERSION}'" \ + ./cmd/bbb-webrtc-recorder + +RUN mv /app/build/bbb-webrtc-recorder /usr/bin/bbb-webrtc-recorder + +RUN rm -rf /app + +# Running stage +FROM debian:bookworm-slim + +RUN apt-get update && apt-get install -y gosu + +# Copy the binary to the production image from the builder stage. +COPY --from=builder /usr/bin/bbb-webrtc-recorder /usr/bin/bbb-webrtc-recorder + +# use same UID as in the recordings container +RUN groupadd -g 998 bigbluebutton && useradd -m -u 998 -g bigbluebutton bigbluebutton + +CMD ["/bin/sh", "-c", "chown -R bigbluebutton:bigbluebutton /var/lib/bbb-webrtc-recorder && gosu bigbluebutton /usr/bin/bbb-webrtc-recorder"] \ No newline at end of file diff --git a/mod/bbb-webrtc-recorder/bbb-webrtc-recorder.yml b/mod/bbb-webrtc-recorder/bbb-webrtc-recorder.yml new file mode 100644 index 00000000..6b284caf --- /dev/null +++ b/mod/bbb-webrtc-recorder/bbb-webrtc-recorder.yml @@ -0,0 +1,39 @@ +debug: false + +recorder: + directory: /var/lib/bbb-webrtc-recorder + dirFileMode: 0700 + fileMode: 0600 + +pubsub: + channels: + subscribe: to-bbb-webrtc-recorder + publish: from-bbb-webrtc-recorder + adapter: redis + adapters: + redis: + address: redis:6379 + network: tcp + #password: foobared + +webrtc: + rtcMinPort: 24577 + rtcMaxPort: 32768 + jitterBuffer: 512 + iceServers: + - urls: [] +# Example turn server +# - urls: +# - turn:turnserver.example.org:1234 +# username: webrtc +# credential: turnpassword + +# HTTP server for testing +# (should be disabled in production) +http: + port: 8080 + enable: false + +prometheus: + enable: false + listenAddress: 127.0.0.1:3200 diff --git a/mod/freeswitch/Dockerfile b/mod/freeswitch/Dockerfile index 19107e18..e57a58b0 100644 --- a/mod/freeswitch/Dockerfile +++ b/mod/freeswitch/Dockerfile @@ -42,11 +42,11 @@ COPY --from=fs-config / /build/staging/opt/freeswitch/etc/freeswitch/ # =============================================== # we are using ubuntu here, because libjpeg8 is required, but not available in debian -FROM ubuntu:20.04 +FROM ubuntu:22.04 RUN apt-get update && \ apt-get install -y \ xmlstarlet wget iptables curl \ - libfreetype6 libcurl4 libspeex1 libspeexdsp1 libopus0 libsndfile1 libopusfile0 liblua5.2-0 libjbig0 libldns2 libedit2 libtiff5 libpng16-16 \ + libfreetype6 libcurl4 libspeex1 libspeexdsp1 libopus0 libsndfile1 libopusfile0 liblua5.2-0 libjbig0 libldns3 libedit2 libtiff5 libpng16-16 libsqlite3-0 \ && \ # install libopusenc0 wget -O /tmp/libopusenc0_0.2.1-1bbb2_amd64.deb https://launchpad.net/~bigbluebutton/+archive/ubuntu/support/+files/libopusenc0_0.2.1-1bbb2_amd64.deb \ diff --git a/mod/fsesl-akka/logback.xml b/mod/fsesl-akka/logback.xml index a6749c0d..9e587d91 100644 --- a/mod/fsesl-akka/logback.xml +++ b/mod/fsesl-akka/logback.xml @@ -11,8 +11,7 @@ - + - diff --git a/mod/html5/Dockerfile b/mod/html5/Dockerfile index 5f092c0d..7b050b63 100644 --- a/mod/html5/Dockerfile +++ b/mod/html5/Dockerfile @@ -4,8 +4,6 @@ FROM bigbluebutton/bbb-build:$BBB_BUILD_TAG AS builder # RUN groupadd -g 2000 meteor && useradd -m -u 2001 -g meteor meteor # USER meteor -ARG TAG_HTML5 - COPY --from=source ./ /source RUN cd /source && meteor npm ci --production \ && METEOR_DISABLE_OPTIMISTIC_CACHING=1 meteor build --architecture os.linux.x86_64 --allow-superuser --directory /app \ @@ -17,6 +15,7 @@ RUN cd /app/bundle/programs/server \ RUN mkdir -p /app/bundle/programs/web.browser/app/files && \ cp /app/bundle/programs/server/npm/node_modules/@fontsource/*/files/*.woff* /app/bundle/programs/web.browser/app/files/ +ARG TAG_BBB RUN sed -i "s/VERSION/$TAG_BBB/" /app/bundle/programs/web.browser/head.html \ && find /app/bundle/programs/web.browser -name '*.js' -exec gzip -k -f -9 '{}' \; \ && find /app/bundle/programs/web.browser -name '*.css' -exec gzip -k -f -9 '{}' \; \ @@ -24,7 +23,7 @@ RUN sed -i "s/VERSION/$TAG_BBB/" /app/bundle/programs/web.browser/head.html \ # ------------------------------ -FROM node:14.21-bullseye-slim +FROM node:18-bookworm-slim RUN apt-get update && apt-get install -y gosu diff --git a/mod/html5/Dockerfile.dev b/mod/html5/Dockerfile.dev new file mode 100644 index 00000000..21ad85cd --- /dev/null +++ b/mod/html5/Dockerfile.dev @@ -0,0 +1,16 @@ +ARG BBB_BUILD_TAG +FROM bigbluebutton/bbb-build:$BBB_BUILD_TAG AS builder + + +RUN curl https://install.meteor.com/\?release\=2.13 | sh + + +COPY --from=alangecker/bbb-docker-base-java /usr/local/bin/dockerize /usr/local/bin/dockerize + +# make /root/.meteor accessible for user +RUN chmod 777 /root /root/.meteor + +COPY entrypoint.dev.sh /entrypoint.dev.sh + +ENTRYPOINT ["/entrypoint.dev.sh"] + diff --git a/mod/html5/bbb-html5.yml b/mod/html5/bbb-html5.yml index 17db5356..85decd3a 100644 --- a/mod/html5/bbb-html5.yml +++ b/mod/html5/bbb-html5.yml @@ -1,7 +1,7 @@ public: app: - html5ClientBuild: {{ .Env.TAG_HTML5 }} - bbbServerVersion: {{ .Env.TAG_HTML5 }}-docker + html5ClientBuild: {{ .Env.TAG_BBB }} + bbbServerVersion: {{ .Env.TAG_BBB }}-docker listenOnlyMode: {{ .Env.LISTEN_ONLY_MODE }} skipCheck: {{ .Env.DISABLE_ECHO_TEST }} clientTitle: {{ .Env.CLIENT_TITLE }} diff --git a/mod/html5/entrypoint.dev.sh b/mod/html5/entrypoint.dev.sh new file mode 100755 index 00000000..6063e6b3 --- /dev/null +++ b/mod/html5/entrypoint.dev.sh @@ -0,0 +1,31 @@ +#!/bin/sh -e + +# use /tmp as home dir as writeable directory for whatever UID we get +export HOME=/tmp + + +export MONGO_OPLOG_URL=mongodb://10.7.7.6/local +export MONGO_URL=mongodb://10.7.7.6/meteor +export ROOT_URL=http://127.0.0.1/html5client +export BIND_IP=0.0.0.0 +export LANG=en_US.UTF-8 +export BBB_HTML5_LOCAL_SETTINGS=/tmp/bbb-html5.yml + +echo "DEV_MODE=true, disable TLS certificate rejecting" +export NODE_TLS_REJECT_UNAUTHORIZED=0 + + +if [ ! -f "/tmp/.meteor/copy-done" ]; then + echo "# copying over .meteor from docker image... (this might take some minutes)" + cp -a /root/.meteor/* /tmp/.meteor + touch /tmp/.meteor/copy-done +fi + +cd /app +echo "# meteor npm install" +meteor npm install + +echo "# npm start" +dockerize \ + -template /tmp/bbb-html5.yml.tmpl:/tmp/bbb-html5.yml \ + npm start diff --git a/mod/html5/entrypoint.sh b/mod/html5/entrypoint.sh index a0cb369a..f6c007b6 100755 --- a/mod/html5/entrypoint.sh +++ b/mod/html5/entrypoint.sh @@ -14,11 +14,6 @@ export ENVIRONMENT_TYPE=production export NODE_VERSION=node-v14.21.1-linux-x64 export BBB_HTML5_LOCAL_SETTINGS=/app/bbb-html5.yml -if [ "$DEV_MODE" == true ]; then - echo "DEV_MODE=true, disable TLS certificate rejecting" - export NODE_TLS_REJECT_UNAUTHORIZED=0 -fi - if [ "$BBB_HTML5_ROLE" == "backend" ]; then PARAM=NODEJS_BACKEND_INSTANCE_ID=$INSTANCE_ID fi diff --git a/mod/https/force-https.conf b/mod/https/force-https.conf index b9ad46a6..a8900425 100644 --- a/mod/https/force-https.conf +++ b/mod/https/force-https.conf @@ -5,7 +5,7 @@ location /bigbluebutton/api/join { } # allow /api calls without redirecting to https -location /bigbluebutton/api { +location /bigbluebutton/ { proxy_pass https://127.0.0.1:443; proxy_ssl_verify off; } diff --git a/mod/mongo/init-replica.sh b/mod/mongo/init-replica.sh index 188cddaf..da06dfda 100755 --- a/mod/mongo/init-replica.sh +++ b/mod/mongo/init-replica.sh @@ -15,12 +15,12 @@ mongod --oplogSize 8 --replSet rs0 --noauth \ --pidfilepath /tmp/docker-entrypoint-temp-mongod.pid --fork # init replset with defaults -mongo 10.7.7.6 --eval "rs.initiate({ +mongosh 10.7.7.6 --eval "rs.initiate({ _id: 'rs0', members: [ { _id: 0, host: '10.7.7.6:27017' } ] })" echo "Waiting to become a master" -echo 'while (!db.isMaster().ismaster) { sleep(100); }' | mongo +echo 'while (!db.isMaster().ismaster) { sleep(100); }' | mongosh echo "I'm the master!" \ No newline at end of file diff --git a/mod/nginx/bbb-html5.dev.nginx b/mod/nginx/bbb-html5.dev.nginx new file mode 100644 index 00000000..2ed56894 --- /dev/null +++ b/mod/nginx/bbb-html5.dev.nginx @@ -0,0 +1,6 @@ +location /html5client { + proxy_pass http://10.7.7.200:4100; # use for production + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; +} diff --git a/mod/nginx/bbb/graphql.nginx b/mod/nginx/bbb/graphql.nginx new file mode 100644 index 00000000..d80c6369 --- /dev/null +++ b/mod/nginx/bbb/graphql.nginx @@ -0,0 +1,24 @@ +location /graphql-test { + proxy_pass http://127.0.0.1:3000; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; +} + +# Websocket connection +location /v1/graphql { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header Host $host; + #proxy_pass http://127.0.0.1:8080; #Hasura + proxy_pass http://10.7.7.32:8378; #Graphql Middleware +} + +location /api/rest { + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_set_header Host $host; + proxy_pass http://127.0.0.1:8080; #Hasura +} diff --git a/mod/periodic/Dockerfile b/mod/periodic/Dockerfile index 184cc89c..770dcafd 100644 --- a/mod/periodic/Dockerfile +++ b/mod/periodic/Dockerfile @@ -1,4 +1,4 @@ -FROM debian:bullseye-slim +FROM debian:bookworm-slim # -- install docker cli COPY --from=library/docker:latest /usr/local/bin/docker /usr/bin/docker diff --git a/mod/postgres/initdb.sh b/mod/postgres/initdb.sh new file mode 100755 index 00000000..fb0560e5 --- /dev/null +++ b/mod/postgres/initdb.sh @@ -0,0 +1,21 @@ +#!/bin/bash + +set -e +set -u + +function create_user_and_database() { + local database=$1 + echo " Creating user and database '$database'" + psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" <<-EOSQL + CREATE DATABASE $database; + GRANT ALL PRIVILEGES ON DATABASE $database TO $POSTGRES_USER; +EOSQL +} + +if [ -n "$POSTGRES_MULTIPLE_DATABASES" ]; then + echo "Multiple database creation requested: $POSTGRES_MULTIPLE_DATABASES" + for db in $(echo $POSTGRES_MULTIPLE_DATABASES | tr ',' ' '); do + create_user_and_database $db + done + echo "Multiple databases created" +fi \ No newline at end of file diff --git a/mod/recordings/Dockerfile b/mod/recordings/Dockerfile index 9f087630..56c7d9f5 100644 --- a/mod/recordings/Dockerfile +++ b/mod/recordings/Dockerfile @@ -1,5 +1,5 @@ -FROM ruby:2.7-slim-bullseye +FROM ruby:3.0-slim-bullseye # install apt dependencies RUN apt-get update && apt-get install -y \ diff --git a/mod/recordings/supervisord.conf b/mod/recordings/supervisord.conf index 443be88a..22e456d3 100644 --- a/mod/recordings/supervisord.conf +++ b/mod/recordings/supervisord.conf @@ -4,7 +4,7 @@ user=root [program:rasque_workers] command=bundle exec rake -f Rakefile resque:workers directory=/usr/local/bigbluebutton/core/scripts -environment=QUEUE="rap:archive,rap:publish,rap:process,rap:sanity,rap:captions,rap:events",COUNT="1",VVERBOSE="1",HOME="/home/bigbluebutton" +environment=QUEUE="rap:archive,rap:publish,rap:process,rap:sanity,rap:captions,rap:events",COUNT="1",HOME="/home/bigbluebutton" user=bigbluebutton stdout_logfile=/dev/fd/1 stdout_logfile_maxbytes=0 diff --git a/mod/webhooks/Dockerfile b/mod/webhooks/Dockerfile index f0aaa9fa..7d603fec 100644 --- a/mod/webhooks/Dockerfile +++ b/mod/webhooks/Dockerfile @@ -1,4 +1,4 @@ -FROM node:18-bullseye-slim AS builder +FROM node:18-bookworm-slim AS builder RUN apt-get update && apt-get install -y git wget @@ -12,7 +12,7 @@ RUN cd /bbb-webhooks && npm install --production RUN chmod 777 /bbb-webhooks/config # ------------------------------ -FROM node:18-bullseye-slim +FROM node:18-bookworm-slim RUN useradd --uid 2004 --user-group bbb-webhooks COPY --from=builder /usr/bin/yq /usr/bin/yq diff --git a/mod/webrtc-sfu/Dockerfile b/mod/webrtc-sfu/Dockerfile index b3f57afe..4f8e53cd 100644 --- a/mod/webrtc-sfu/Dockerfile +++ b/mod/webrtc-sfu/Dockerfile @@ -18,7 +18,7 @@ RUN cd /app \ # ============================= -FROM node:18-bullseye-slim +FROM node:18-bookworm-slim RUN useradd --uid 2004 --user-group webrtc-sfu ENV NODE_ENV production diff --git a/repos/bbb-webrtc-recorder b/repos/bbb-webrtc-recorder new file mode 160000 index 00000000..c310584a --- /dev/null +++ b/repos/bbb-webrtc-recorder @@ -0,0 +1 @@ +Subproject commit c310584a482e5bf1a3ef660bf0972d16eb8cfd77 diff --git a/repos/bbb-webrtc-sfu b/repos/bbb-webrtc-sfu index c0de0ff3..fe901bd1 160000 --- a/repos/bbb-webrtc-sfu +++ b/repos/bbb-webrtc-sfu @@ -1 +1 @@ -Subproject commit c0de0ff3857146da4924233d36b710874d16a26f +Subproject commit fe901bd15cadcb33f935900f804926f36793c48d diff --git a/repos/bigbluebutton b/repos/bigbluebutton index 5d671b3b..b674477a 160000 --- a/repos/bigbluebutton +++ b/repos/bigbluebutton @@ -1 +1 @@ -Subproject commit 5d671b3b506712e54093f50c2a4bdb9995982fab +Subproject commit b674477a40a3060738219d8a58915f1bcaf8738b diff --git a/scripts/dev b/scripts/dev new file mode 100755 index 00000000..bbb59a57 --- /dev/null +++ b/scripts/dev @@ -0,0 +1,76 @@ +#!/bin/bash + +set -e +cd "$(dirname "$0")/.." +. scripts/functions.sh + +if [ -f ".env" ]; then + load_env + if [[ "$DEV_MODE" == "" ]]; then + echo "Error: .env is not configured as a development environment" + echo "" + read -r -p "Should .env be automatically overwritten with a predefined .env? [Y/n]" response + response=${response,,} # tolower + if [[ $response =~ ^(y| ) ]] || [[ -z $response ]]; then + cp .env .env.bak + cp dev.env .env + else + echo "we can't continue with a .env file configured as a development environment" + exit 1 + fi + fi +else + echo "# creating a .env for the dev setup" + cp dev.env .env +fi + +# to avoid any file permission issues we want to run some containers with the same +# UID and GID as the current user +export BBB_DOCKER_USER="$(id -u):$(id -g)" + +# also add it to ~/.zshrc and/or ~/.bashrc so +# that people can also use commands like `docker compose up` +# without that variable being missing +function add_permanent_env { + STR='export BBB_DOCKER_USER="$(id -u):$(id -g)"' + if [ -z "$(grep "$STR" "$1")" ]; then + echo "append" + echo "" >> $1 + echo "# following line got added by bbb-docker" >> $1 + echo "$STR" >> $1 + fi +} +if [ -f "$(realpath ~/.zshrc)" ]; then + add_permanent_env "$(realpath ~/.zshrc)" +fi +if [ -f "$(realpath ~/.bashrc)" ]; then + add_permanent_env "$(realpath ~/.bashrc)" +fi + + +echo "" +echo "# ensure submodules are checked out" +ensure_submodules + +echo "" +echo "# recreating docker-compose.yml" +./scripts/generate-compose + +echo "" +echo "# rebuilding images" +docker compose build + + +echo "" +echo "============================================" +echo "BBB Development server" +echo "============================================" +echo "API Mate: https://mconf.github.io/api-mate/#server=https://10.7.7.1/bigbluebutton/api&sharedSecret=SuperSecret" +echo "Greenlight: https://10.7.7.1/" +echo "Check containers: docker-compose ps" +echo "Rebuilding container: docker-compose up --build CONTAINERNAME" +echo "============================================" + +sleep 1 + +docker compose up \ No newline at end of file diff --git a/scripts/fs_cli b/scripts/fs_cli index de7fc5d5..68c2fc39 100755 --- a/scripts/fs_cli +++ b/scripts/fs_cli @@ -4,7 +4,7 @@ set -e cd $(dirname $0)/.. # load .env -. functions.sh +. ./scripts/functions.sh load_env docker compose exec freeswitch /opt/freeswitch/bin/fs_cli -H 10.7.7.1 -p "$FSESL_PASSWORD" diff --git a/scripts/functions.sh b/scripts/functions.sh index 4f42e623..e899e80d 100644 --- a/scripts/functions.sh +++ b/scripts/functions.sh @@ -1,15 +1,5 @@ function load_env { - FILE=.env - if [ "$BBB_DOCKER_DEV" = "1" ]; then - FILE=dev.env - else - FILE=.env - fi - - if [ -f $FILE ] - then - export $(cat $FILE | sed 's/#.*//g' | grep -v "WELCOME_FOOTER" | grep -v "WELCOME_MESSAGE" | grep -v "CLIENT_TITLE" | xargs) - fi + export $(cat .env | sed 's/#.*//g' | grep -v "WELCOME_FOOTER" | grep -v "WELCOME_MESSAGE" | grep -v "CLIENT_TITLE" | xargs) } function ensure_submodules { diff --git a/scripts/generate-compose b/scripts/generate-compose index 6348c9c7..3191f609 100755 --- a/scripts/generate-compose +++ b/scripts/generate-compose @@ -40,6 +40,9 @@ function get_tag { fi } +# https://hub.docker.com/r/bigbluebutton/bbb-build +BBB_BUILD_TAG=v3.0.x-release--2023-09-26-152524 + docker run \ --rm \ -v $(pwd)/docker-compose.tmpl.yml:/docker-compose.tmpl.yml \ @@ -48,9 +51,11 @@ docker run \ -e TAG_WEBRTC_SFU=$(get_tag repos/bbb-webrtc-sfu) \ -e TAG_WEBHOOKS=$(get_tag repos/bbb-webhooks) \ -e TAG_PLAYBACK=$(get_tag repos/bbb-playback) \ + -e TAG_WEBRTC_RECORDER=$(get_tag repos/bbb-webrtc-recorder) \ -e TAG_PADS=$(get_tag repos/bbb-pads) \ -e COMMIT_ETHERPAD_SKIN=$(get_tag repos/bbb-etherpad-skin) \ -e COMMIT_ETHERPAD_PLUGIN=$(get_tag repos/bbb-etherpad-plugin) \ + -e BBB_BUILD_TAG=${BBB_BUILD_TAG} \ -e DEV_MODE=${DEV_MODE:-false} \ -e EXTERNAL_IPv6=${EXTERNAL_IPv6:-} \ -e ENABLE_RECORDING=${ENABLE_RECORDING:-false} \ diff --git a/scripts/upgrade b/scripts/upgrade index 4d403b53..454d02ea 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -19,6 +19,30 @@ else echo "# recreate docker-compose.yml" ./scripts/generate-compose + + echo "" + echo "# checking for old volumes & migrate them" + COMPOSE_PREFIX=$(docker compose config | grep '^name:' | awk '{print $2}') + + function migrate { + VOLUME=${COMPOSE_PREFIX}_${1} + EXISTING=$(docker volume ls | grep $VOLUME | tail -n1 | awk '{print $2}') + if [ -n "$EXISTING" ]; then + # ensure volume is not used + docker compose down --remove-orphans + + echo "Migrating $VOLUME to $2" + docker run --rm -v $VOLUME:/src -v $2:/dest --entrypoint /bin/sh eeacms/rsync -c 'rsync -av /src/ /dest' + docker volume rm $EXISTING + fi + } + migrate bigbluebutton ./data/bigbluebutton + migrate vol-freeswitch ./data/freeswitch-meetings + migrate vol-mediasoup ./data/mediasoup + + # TODO: migrate postgres database + # TODO: migrate greenlight-data + echo "" echo "# pull newest images" docker compose pull --ignore-pull-failures diff --git a/scripts/upgrade-and-build b/scripts/upgrade-and-build index 9543c30f..c4a2644a 100755 --- a/scripts/upgrade-and-build +++ b/scripts/upgrade-and-build @@ -14,11 +14,6 @@ then exit else - - echo "" - echo "# pull newest git submodules" - ./scripts/checkout-submodules - echo "" echo "# recreate docker-compose.yml" ./scripts/generate-compose