--- version: '3.8' services: bbb-web: image: alangecker/bbb-docker-web:v3.0.4 depends_on: - redis - etherpad - bbb-pads - collabora # healthcheck: # test: wget --no-proxy --no-verbose --tries=1 --spider http://10.7.7.2:8090/bigbluebutton/api || exit 1 # start_period: 2m environment: DEV_MODE: ${DEV_MODE:-} IGNORE_TLS_CERT_ERRORS: false DOMAIN: ${DOMAIN} ENABLE_RECORDING: ${ENABLE_RECORDING:-false} WELCOME_MESSAGE: ${WELCOME_MESSAGE:-} WELCOME_FOOTER: ${WELCOME_FOOTER} STUN_SERVER: stun:${STUN_IP}:${STUN_PORT} ENABLE_HTTPS_PROXY: ${ENABLE_HTTPS_PROXY:-false} # SHARED_SECRET is set via entrypoint.bbb-web.sh # TURN_SECRET is set via entrypoint.bbb-web.sh ENABLE_LEARNING_DASHBOARD: ${ENABLE_LEARNING_DASHBOARD:-true} # NUMBER_OF_BACKEND_NODEJS_PROCESSES: 2 # look for containers? configs: - source: entrypoint_bbbweb target: /usr/local/bin/docker-entrypoint.sh mode: 0555 entrypoint: /usr/local/bin/docker-entrypoint.sh secrets: - shared_secret - turn_secret volumes: - bigbluebutton:/var/bigbluebutton - vol-freeswitch:/var/freeswitch/meetings networks: bbb-net: ipv4_address: 10.7.7.2 # freeswitch (audio input streaming and telco dial-in support) freeswitch: container_name: bbb-freeswitch image: alangecker/bbb-docker-freeswitch:v1.10.12-v3.0.4 cap_add: - IPC_LOCK - NET_ADMIN - NET_RAW - NET_BROADCAST - SYS_NICE - SYS_RESOURCE environment: DOMAIN: ${DOMAIN} EXTERNAL_IPv4: ${EXTERNAL_IPv4} # EXTERNAL_IPv6: ${EXTERNAL_IPv6:-::1} SIP_IP_ALLOWLIST: ${SIP_IP_ALLOWLIST:-} DISABLE_SOUND_MUTED: ${DISABLE_SOUND_MUTED:-false} DISABLE_SOUND_ALONE: ${DISABLE_SOUND_ALONE:-false} SOUNDS_LANGUAGE: ${SOUNDS_LANGUAGE:-en-us-callie} # ESL_PASSWORD is set via entrypoint.freeswitch.sh configs: - source: entrypoint_freeswitch target: /usr/local/bin/docker-entrypoint.sh mode: 0555 entrypoint: /usr/local/bin/docker-entrypoint.sh secrets: - fsesl_password volumes: # - ./conf/sip_profiles:/etc/freeswitch/sip_profiles/external # - ./conf/dialplan_public:/etc/freeswitch/dialplan/public_docker - vol-freeswitch:/var/freeswitch/meetings network_mode: host logging: # reduce logs to a minimum, so `docker compose logs -f` still works driver: "local" options: max-size: "10k" max-file: "1" compress: "false" # nginx (webserver gateway for a bunch of things) nginx: image: alangecker/bbb-docker-nginx:v3.0.4-v5.3.1-1.25 volumes: - bigbluebutton:/var/bigbluebutton - ${DEFAULT_PRESENTATION:-/dev/null}:/www/default.pdf tmpfs: - /tmp network_mode: host extra_hosts: - "host.docker.internal:10.7.7.1" - "bbb-web:10.7.7.2" - "etherpad:10.7.7.4" - "webrtc-sfu:10.7.7.1" - "greenlight:10.7.7.21" - "bbb-graphql-server:10.7.7.31" - "bbb-graphql-middleware:10.7.7.32" # etherpad (collaborative notepad) etherpad: image: alangecker/bbb-docker-etherpad:2.2.7-s8328b77-p88f3f6b depends_on: - redis - collabora # environment: # ETHERPAD_API_KEY is set via entrypoint configs: - source: entrypoint_etherpad target: /usr/local/bin/docker-entrypoint.sh mode: 0555 secrets: - etherpad_api_key entrypoint: /usr/local/bin/docker-entrypoint.sh networks: bbb-net: ipv4_address: 10.7.7.4 # bbb-pads (bbb etherpad integration) bbb-pads: image: alangecker/bbb-docker-pads:v1.5.3 depends_on: - redis - etherpad # environment: # ETHERPAD_API_KEY is set via entrypoint configs: - source: entrypoint_bbbpads target: /usr/local/bin/docker-entrypoint.sh mode: 0555 secrets: - etherpad_api_key entrypoint: /usr/local/bin/docker-entrypoint.sh networks: bbb-net: ipv4_address: 10.7.7.18 # redis (caching) redis: image: redis:7.2-alpine #healthcheck: # test: ["CMD", "redis-cli", "ping"] # interval: 1s # timeout: 3s # retries: 30 networks: bbb-net: ipv4_address: 10.7.7.5 bbb-export-annotations: image: alangecker/bbb-docker-bbb-export-annotations:v3.0.4 restart: unless-stopped depends_on: - redis - etherpad - bbb-pads networks: # need connections to: # https://github.com/bigbluebutton/bigbluebutton/blob/v2.7.0/bbb-export-annotations/config/settings.json # "bbbWebAPI": "http://127.0.0.1:8090", -> bbb-web # "bbbPadsAPI": "http://127.0.0.1:9002", -> bbb-pads bbb-net: ipv4_address: 10.7.7.19 volumes: - bigbluebutton:/var/bigbluebutton tmpfs: - /tmp # webrtc-sfu (webrtc controller for negotiation and media stream) webrtc-sfu: image: alangecker/bbb-docker-webrtc-sfu:v2.17.0-beta.6 depends_on: - redis - freeswitch environment: # ESL_PASSWORD is set via entrypoint.webrtc-sfu.sh MS_WEBRTC_LISTEN_IPS: '[{"ip":"${EXTERNAL_IPv4}", "announcedIp":"${EXTERNAL_IPv4}"}]' configs: - source: entrypoint_webrtcsfu target: /usr/local/bin/docker-entrypoint.sh mode: 0555 entrypoint: /usr/local/bin/docker-entrypoint.sh volumes: - vol-mediasoup:/var/mediasoup tmpfs: - /var/log/bbb-webrtc-sfu secrets: - fsesl_password network_mode: host security_opt: - seccomp:unconfined # allow io_uring access for mediasoup ulimits: memlock: -1 # allow io_uring_register_buffers to allocate enough ram # fsesl-akka (bbb freeswitch integration) fsesl-akka: image: alangecker/bbb-docker-fsesl-akka:v3.0.4 depends_on: - redis - freeswitch # environment: # FSESL_PASSWORD is set via entrypoint configs: - source: entrypoint_fseslakka target: /usr/local/bin/docker-entrypoint.sh mode: 0555 secrets: - fsesl_password entrypoint: /usr/local/bin/docker-entrypoint.sh networks: bbb-net: ipv4_address: 10.7.7.14 # apps-akka (seems to be an bbb app integration endpoint) apps-akka: image: alangecker/bbb-docker-apps-akka:v3.0.4 depends_on: - redis environment: DOMAIN: ${DOMAIN} # SHARED_SECRET is set via entrypoint volumes: - vol-freeswitch:/var/freeswitch/meetings configs: - source: entrypoint_appsakka target: /usr/local/bin/docker-entrypoint.sh mode: 0555 secrets: - shared_secret - postgres_password entrypoint: /usr/local/bin/docker-entrypoint.sh networks: bbb-net: ipv4_address: 10.7.7.15 # jodconverter (jodconverter most likely just transforms doc files to pdf for the presentation mode) jodconverter: image: alangecker/bbb-docker-jodconverter:latest security_opt: - 'no-new-privileges:true' # security profile. might work with swarm. tmpfs: - /tmp deploy: resources: limits: memory: 512M networks: bbb-net: ipv4_address: 10.7.7.20 # periodic (runs a freeswitch sync and cleans up recordings, has entrypoint but needs no custom things afaik) periodic: image: alangecker/bbb-docker-periodic:v2.7.0 depends_on: - mongodb volumes: - /var/run/docker.sock:/var/run/docker.sock # not sure what prupose this has? - bigbluebutton:/var/bigbluebutton # access bbb data - vol-mediasoup:/var/mediasoup # not sure what this is? tmpfs: - /var/log/bigbluebutton environment: ENABLE_RECORDING: ${ENABLE_RECORDING-false} # set to false for now REMOVE_OLD_RECORDING: ${REMOVE_OLD_RECORDING} RECORDING_MAX_AGE_DAYS: ${RECORDING_MAX_AGE_DAYS} networks: bbb-net: ipv4_address: 10.7.7.12 # coturn coturn: image: coturn/coturn:4.6-alpine configs: - source: entrypoint_coturn target: /usr/local/bin/docker-entrypoint.sh mode: 0555 - source: turnserver_conf target: /etc/coturn/turnserver.conf secrets: - turn_secret environment: ENABLE_HTTPS_PROXY: "true" user: root entrypoint: /usr/local/bin/docker-entrypoint.sh network_mode: host # greenlight greenlight: image: bigbluebutton/greenlight:v3.1.0 depends_on: - postgres - redis environment: # DATABASE_URL is being set by entrypoint.greenlight.sh REDIS_URL: redis://redis:6379 BIGBLUEBUTTON_ENDPOINT: https://${DOMAIN}/bigbluebutton/api # BIGBLUEBUTTON_SECRET is being set by entrypoint.greenlight.sh # SECRET_KEY_BASE is being set by entrypoint.greenlight.sh RELATIVE_URL_ROOT: / volumes: - greenlight_data:/usr/src/app/storage configs: - source: entrypoint_greenlight target: /usr/local/bin/docker-entrypoint.sh mode: 0555 secrets: - postgres_password - shared_secret - rails_secret entrypoint: /usr/local/bin/docker-entrypoint.sh networks: bbb-net: ipv4_address: 10.7.7.21 # does static ipv4 work with swarm? # postgres for greenlight postgres: image: postgres:12-alpine environment: POSTGRES_DB: greenlight-v3 POSTGRES_USER: postgres POSTGRES_PASSWORD_FILE: /run/secret/postgres_password #healthcheck: #test: ["CMD-SHELL", "pg_isready -U postgres"] #interval: 10s #timeout: 5s #retries: 5 volumes: - "postgres_data:/var/lib/postgresql/data" secrets: - postgres_password networks: bbb-net: ipv4_address: 10.7.7.22 volumes: html5-static: greenlight_data: postgres_data: bigbluebutton: vol-mediasoup: vol-freeswitch: vol-kurento: configs: entrypoint_greenlight: name: ${STACK_NAME}_entrypoint_greenlight_${ENTRYPOINT_GREENLIGHT_VERSION} file: ./entrypoint.greenlight.sh turnserver_conf: name: ${STACK_NAME}_turnserver_conf_${TURNSERVER_CONF_VERSION} file: ./turnserver.conf entrypoint_coturn: name: ${STACK_NAME}_entrypoint_coturn_${ENTRYPOINT_COTURN_VERSION} file: ./entrypoint.coturn.sh entrypoint_appsakka: name: ${STACK_NAME}_entrypoint_appsakka_${ENTRYPOINT_APPSAKKA_VERSION} file: ./entrypoint.apps-akka.sh entrypoint_fseslakka: name: ${STACK_NAME}_entrypoint_fseslakka_${ENTRYPOINT_FSESLAKKA_VERSION} file: ./entrypoint.fsesl-akka.sh entrypoint_webrtcsfu: name: ${STACK_NAME}_entrypoint_webrtcsfu_${ENTRYPOINT_WEBRTCSFU_VERSION} file: ./entrypoint.webrtc-sfu.sh mongod_conf: name: ${STACK_NAME}_mongod_conf_${MONGOD_CONF_VERSION} file: ./mongod.conf init_replica: name: ${STACK_NAME}_init_replica_${INIT_REPLICA_VERSION} file: ./init-replica.sh entrypoint_bbbpads: name: ${STACK_NAME}_entrypoint_bbbpads_${ENTRYPOINT_BBBPADS_VERSION} file: ./entrypoint.bbb-pads.sh entrypoint_etherpad: name: ${STACK_NAME}_entrypoint_etherpad_${ENTRYPOINT_ETHERPAD_VERSION} file: ./entrypoint.etherpad.sh entrypoint_freeswitch: name: ${STACK_NAME}_entrypoint_freeswitch_${ENTRYPOINT_FREESWITCH_VERSION} file: ./entrypoint.freeswitch.sh entrypoint_bbbweb: name: ${STACK_NAME}_entrypoint_bbbweb_${ENTRYPOINT_BBBWEB_VERSION} file: ./entrypoint.bbb-web.sh secrets: postgres_password: external: true name: ${STACK_NAME}_postgres_password_${SECRET_POSTGRES_PASSWORD_VERSION} shared_secret: external: true name: ${STACK_NAME}_shared_secret_${SECRET_SHARED_SECRET_VERSION} rails_secret: external: true name: ${STACK_NAME}_rails_secret_${SECRET_RAILS_SECRET_VERSION} turn_secret: external: true name: ${STACK_NAME}_turn_secret_${SECRET_TURN_SECRET_VERSION} fsesl_password: external: true name: ${STACK_NAME}_fsesl_password_${SECRET_FSESL_PASSWORD_VERSION} etherpad_api_key: external: true name: ${STACK_NAME}_etherpad_api_key_${ETHERPAD_API_KEY_VERSION} networks: bbb-net: ipam: driver: default config: - subnet: "10.7.7.0/24"