forked from kimbl/bigbluebutton
410 lines
12 KiB
YAML
410 lines
12 KiB
YAML
---
|
|
version: '3.8'
|
|
|
|
services:
|
|
bbb-web:
|
|
image: alangecker/bbb-docker-web:v3.0.4
|
|
depends_on:
|
|
- redis
|
|
- etherpad
|
|
- bbb-pads
|
|
- collabora
|
|
# healthcheck:
|
|
# test: wget --no-proxy --no-verbose --tries=1 --spider http://10.7.7.2:8090/bigbluebutton/api || exit 1
|
|
# start_period: 2m
|
|
environment:
|
|
DEV_MODE: ${DEV_MODE:-}
|
|
IGNORE_TLS_CERT_ERRORS: false
|
|
DOMAIN: ${DOMAIN}
|
|
ENABLE_RECORDING: ${ENABLE_RECORDING:-false}
|
|
WELCOME_MESSAGE: ${WELCOME_MESSAGE:-}
|
|
WELCOME_FOOTER: ${WELCOME_FOOTER}
|
|
STUN_SERVER: stun:${STUN_IP}:${STUN_PORT}
|
|
ENABLE_HTTPS_PROXY: ${ENABLE_HTTPS_PROXY:-false}
|
|
# SHARED_SECRET is set via entrypoint.bbb-web.sh
|
|
# TURN_SECRET is set via entrypoint.bbb-web.sh
|
|
ENABLE_LEARNING_DASHBOARD: ${ENABLE_LEARNING_DASHBOARD:-true}
|
|
# NUMBER_OF_BACKEND_NODEJS_PROCESSES: 2 # look for containers?
|
|
configs:
|
|
- source: entrypoint_bbbweb
|
|
target: /usr/local/bin/docker-entrypoint.sh
|
|
mode: 0555
|
|
entrypoint: /usr/local/bin/docker-entrypoint.sh
|
|
secrets:
|
|
- shared_secret
|
|
- turn_secret
|
|
volumes:
|
|
- bigbluebutton:/var/bigbluebutton
|
|
- vol-freeswitch:/var/freeswitch/meetings
|
|
networks:
|
|
bbb-net:
|
|
ipv4_address: 10.7.7.2
|
|
|
|
# freeswitch (audio input streaming and telco dial-in support)
|
|
freeswitch:
|
|
container_name: bbb-freeswitch
|
|
image: alangecker/bbb-docker-freeswitch:v1.10.12-v3.0.4
|
|
cap_add:
|
|
- IPC_LOCK
|
|
- NET_ADMIN
|
|
- NET_RAW
|
|
- NET_BROADCAST
|
|
- SYS_NICE
|
|
- SYS_RESOURCE
|
|
environment:
|
|
DOMAIN: ${DOMAIN}
|
|
EXTERNAL_IPv4: ${EXTERNAL_IPv4}
|
|
# EXTERNAL_IPv6: ${EXTERNAL_IPv6:-::1}
|
|
SIP_IP_ALLOWLIST: ${SIP_IP_ALLOWLIST:-}
|
|
DISABLE_SOUND_MUTED: ${DISABLE_SOUND_MUTED:-false}
|
|
DISABLE_SOUND_ALONE: ${DISABLE_SOUND_ALONE:-false}
|
|
SOUNDS_LANGUAGE: ${SOUNDS_LANGUAGE:-en-us-callie}
|
|
# ESL_PASSWORD is set via entrypoint.freeswitch.sh
|
|
configs:
|
|
- source: entrypoint_freeswitch
|
|
target: /usr/local/bin/docker-entrypoint.sh
|
|
mode: 0555
|
|
entrypoint: /usr/local/bin/docker-entrypoint.sh
|
|
secrets:
|
|
- fsesl_password
|
|
volumes:
|
|
# - ./conf/sip_profiles:/etc/freeswitch/sip_profiles/external
|
|
# - ./conf/dialplan_public:/etc/freeswitch/dialplan/public_docker
|
|
- vol-freeswitch:/var/freeswitch/meetings
|
|
network_mode: host
|
|
logging:
|
|
# reduce logs to a minimum, so `docker compose logs -f` still works
|
|
driver: "local"
|
|
options:
|
|
max-size: "10k"
|
|
max-file: "1"
|
|
compress: "false"
|
|
|
|
# nginx (webserver gateway for a bunch of things)
|
|
nginx:
|
|
image: alangecker/bbb-docker-nginx:v3.0.4-v5.3.1-1.25
|
|
volumes:
|
|
- bigbluebutton:/var/bigbluebutton
|
|
- ${DEFAULT_PRESENTATION:-/dev/null}:/www/default.pdf
|
|
tmpfs:
|
|
- /tmp
|
|
network_mode: host
|
|
extra_hosts:
|
|
- "host.docker.internal:10.7.7.1"
|
|
- "bbb-web:10.7.7.2"
|
|
- "etherpad:10.7.7.4"
|
|
- "webrtc-sfu:10.7.7.1"
|
|
- "greenlight:10.7.7.21"
|
|
- "bbb-graphql-server:10.7.7.31"
|
|
- "bbb-graphql-middleware:10.7.7.32"
|
|
|
|
# etherpad (collaborative notepad)
|
|
etherpad:
|
|
image: alangecker/bbb-docker-etherpad:2.2.7-s8328b77-p88f3f6b
|
|
depends_on:
|
|
- redis
|
|
- collabora
|
|
# environment:
|
|
# ETHERPAD_API_KEY is set via entrypoint
|
|
configs:
|
|
- source: entrypoint_etherpad
|
|
target: /usr/local/bin/docker-entrypoint.sh
|
|
mode: 0555
|
|
secrets:
|
|
- etherpad_api_key
|
|
entrypoint: /usr/local/bin/docker-entrypoint.sh
|
|
networks:
|
|
bbb-net:
|
|
ipv4_address: 10.7.7.4
|
|
|
|
# bbb-pads (bbb etherpad integration)
|
|
bbb-pads:
|
|
image: alangecker/bbb-docker-pads:v1.5.3
|
|
depends_on:
|
|
- redis
|
|
- etherpad
|
|
# environment:
|
|
# ETHERPAD_API_KEY is set via entrypoint
|
|
configs:
|
|
- source: entrypoint_bbbpads
|
|
target: /usr/local/bin/docker-entrypoint.sh
|
|
mode: 0555
|
|
secrets:
|
|
- etherpad_api_key
|
|
entrypoint: /usr/local/bin/docker-entrypoint.sh
|
|
networks:
|
|
bbb-net:
|
|
ipv4_address: 10.7.7.18
|
|
|
|
# redis (caching)
|
|
redis:
|
|
image: redis:7.2-alpine
|
|
#healthcheck:
|
|
# test: ["CMD", "redis-cli", "ping"]
|
|
# interval: 1s
|
|
# timeout: 3s
|
|
# retries: 30
|
|
networks:
|
|
bbb-net:
|
|
ipv4_address: 10.7.7.5
|
|
|
|
bbb-export-annotations:
|
|
image: alangecker/bbb-docker-bbb-export-annotations:v3.0.4
|
|
restart: unless-stopped
|
|
depends_on:
|
|
- redis
|
|
- etherpad
|
|
- bbb-pads
|
|
networks:
|
|
# need connections to:
|
|
# https://github.com/bigbluebutton/bigbluebutton/blob/v2.7.0/bbb-export-annotations/config/settings.json
|
|
# "bbbWebAPI": "http://127.0.0.1:8090", -> bbb-web
|
|
# "bbbPadsAPI": "http://127.0.0.1:9002", -> bbb-pads
|
|
bbb-net:
|
|
ipv4_address: 10.7.7.19
|
|
volumes:
|
|
- bigbluebutton:/var/bigbluebutton
|
|
tmpfs:
|
|
- /tmp
|
|
|
|
# webrtc-sfu (webrtc controller for negotiation and media stream)
|
|
webrtc-sfu:
|
|
image: alangecker/bbb-docker-webrtc-sfu:v2.17.0-beta.6
|
|
depends_on:
|
|
- redis
|
|
- freeswitch
|
|
environment:
|
|
# ESL_PASSWORD is set via entrypoint.webrtc-sfu.sh
|
|
MS_WEBRTC_LISTEN_IPS: '[{"ip":"${EXTERNAL_IPv4}", "announcedIp":"${EXTERNAL_IPv4}"}]'
|
|
configs:
|
|
- source: entrypoint_webrtcsfu
|
|
target: /usr/local/bin/docker-entrypoint.sh
|
|
mode: 0555
|
|
entrypoint: /usr/local/bin/docker-entrypoint.sh
|
|
volumes:
|
|
- vol-mediasoup:/var/mediasoup
|
|
tmpfs:
|
|
- /var/log/bbb-webrtc-sfu
|
|
secrets:
|
|
- fsesl_password
|
|
network_mode: host
|
|
security_opt:
|
|
- seccomp:unconfined # allow io_uring access for mediasoup
|
|
ulimits:
|
|
memlock: -1 # allow io_uring_register_buffers to allocate enough ram
|
|
|
|
|
|
# fsesl-akka (bbb freeswitch integration)
|
|
fsesl-akka:
|
|
image: alangecker/bbb-docker-fsesl-akka:v3.0.4
|
|
depends_on:
|
|
- redis
|
|
- freeswitch
|
|
# environment:
|
|
# FSESL_PASSWORD is set via entrypoint
|
|
configs:
|
|
- source: entrypoint_fseslakka
|
|
target: /usr/local/bin/docker-entrypoint.sh
|
|
mode: 0555
|
|
secrets:
|
|
- fsesl_password
|
|
entrypoint: /usr/local/bin/docker-entrypoint.sh
|
|
networks:
|
|
bbb-net:
|
|
ipv4_address: 10.7.7.14
|
|
|
|
# apps-akka (seems to be an bbb app integration endpoint)
|
|
apps-akka:
|
|
image: alangecker/bbb-docker-apps-akka:v3.0.4
|
|
depends_on:
|
|
- redis
|
|
environment:
|
|
DOMAIN: ${DOMAIN}
|
|
# SHARED_SECRET is set via entrypoint
|
|
volumes:
|
|
- vol-freeswitch:/var/freeswitch/meetings
|
|
configs:
|
|
- source: entrypoint_appsakka
|
|
target: /usr/local/bin/docker-entrypoint.sh
|
|
mode: 0555
|
|
secrets:
|
|
- shared_secret
|
|
- postgres_password
|
|
entrypoint: /usr/local/bin/docker-entrypoint.sh
|
|
networks:
|
|
bbb-net:
|
|
ipv4_address: 10.7.7.15
|
|
|
|
# jodconverter (jodconverter most likely just transforms doc files to pdf for the presentation mode)
|
|
jodconverter:
|
|
image: alangecker/bbb-docker-jodconverter:latest
|
|
security_opt:
|
|
- 'no-new-privileges:true' # security profile. might work with swarm.
|
|
tmpfs:
|
|
- /tmp
|
|
deploy:
|
|
resources:
|
|
limits:
|
|
memory: 512M
|
|
networks:
|
|
bbb-net:
|
|
ipv4_address: 10.7.7.20
|
|
|
|
# periodic (runs a freeswitch sync and cleans up recordings, has entrypoint but needs no custom things afaik)
|
|
periodic:
|
|
image: alangecker/bbb-docker-periodic:v2.7.0
|
|
depends_on:
|
|
- mongodb
|
|
volumes:
|
|
- /var/run/docker.sock:/var/run/docker.sock # not sure what prupose this has?
|
|
- bigbluebutton:/var/bigbluebutton # access bbb data
|
|
- vol-mediasoup:/var/mediasoup # not sure what this is?
|
|
tmpfs:
|
|
- /var/log/bigbluebutton
|
|
environment:
|
|
ENABLE_RECORDING: ${ENABLE_RECORDING-false} # set to false for now
|
|
REMOVE_OLD_RECORDING: ${REMOVE_OLD_RECORDING}
|
|
RECORDING_MAX_AGE_DAYS: ${RECORDING_MAX_AGE_DAYS}
|
|
networks:
|
|
bbb-net:
|
|
ipv4_address: 10.7.7.12
|
|
|
|
# coturn
|
|
coturn:
|
|
image: coturn/coturn:4.6-alpine
|
|
configs:
|
|
- source: entrypoint_coturn
|
|
target: /usr/local/bin/docker-entrypoint.sh
|
|
mode: 0555
|
|
- source: turnserver_conf
|
|
target: /etc/coturn/turnserver.conf
|
|
secrets:
|
|
- turn_secret
|
|
environment:
|
|
ENABLE_HTTPS_PROXY: "true"
|
|
user: root
|
|
entrypoint: /usr/local/bin/docker-entrypoint.sh
|
|
network_mode: host
|
|
|
|
# greenlight
|
|
greenlight:
|
|
image: bigbluebutton/greenlight:v3.1.0
|
|
depends_on:
|
|
- postgres
|
|
- redis
|
|
environment:
|
|
# DATABASE_URL is being set by entrypoint.greenlight.sh
|
|
REDIS_URL: redis://redis:6379
|
|
BIGBLUEBUTTON_ENDPOINT: https://${DOMAIN}/bigbluebutton/api
|
|
# BIGBLUEBUTTON_SECRET is being set by entrypoint.greenlight.sh
|
|
# SECRET_KEY_BASE is being set by entrypoint.greenlight.sh
|
|
RELATIVE_URL_ROOT: /
|
|
volumes:
|
|
- greenlight_data:/usr/src/app/storage
|
|
configs:
|
|
- source: entrypoint_greenlight
|
|
target: /usr/local/bin/docker-entrypoint.sh
|
|
mode: 0555
|
|
secrets:
|
|
- postgres_password
|
|
- shared_secret
|
|
- rails_secret
|
|
entrypoint: /usr/local/bin/docker-entrypoint.sh
|
|
networks:
|
|
bbb-net:
|
|
ipv4_address: 10.7.7.21 # does static ipv4 work with swarm?
|
|
|
|
# postgres for greenlight
|
|
postgres:
|
|
image: postgres:12-alpine
|
|
environment:
|
|
POSTGRES_DB: greenlight-v3
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_PASSWORD_FILE: /run/secret/postgres_password
|
|
#healthcheck:
|
|
#test: ["CMD-SHELL", "pg_isready -U postgres"]
|
|
#interval: 10s
|
|
#timeout: 5s
|
|
#retries: 5
|
|
volumes:
|
|
- "postgres_data:/var/lib/postgresql/data"
|
|
secrets:
|
|
- postgres_password
|
|
networks:
|
|
bbb-net:
|
|
ipv4_address: 10.7.7.22
|
|
|
|
volumes:
|
|
html5-static:
|
|
greenlight_data:
|
|
postgres_data:
|
|
bigbluebutton:
|
|
vol-mediasoup:
|
|
vol-freeswitch:
|
|
vol-kurento:
|
|
|
|
configs:
|
|
entrypoint_greenlight:
|
|
name: ${STACK_NAME}_entrypoint_greenlight_${ENTRYPOINT_GREENLIGHT_VERSION}
|
|
file: ./entrypoint.greenlight.sh
|
|
turnserver_conf:
|
|
name: ${STACK_NAME}_turnserver_conf_${TURNSERVER_CONF_VERSION}
|
|
file: ./turnserver.conf
|
|
entrypoint_coturn:
|
|
name: ${STACK_NAME}_entrypoint_coturn_${ENTRYPOINT_COTURN_VERSION}
|
|
file: ./entrypoint.coturn.sh
|
|
entrypoint_appsakka:
|
|
name: ${STACK_NAME}_entrypoint_appsakka_${ENTRYPOINT_APPSAKKA_VERSION}
|
|
file: ./entrypoint.apps-akka.sh
|
|
entrypoint_fseslakka:
|
|
name: ${STACK_NAME}_entrypoint_fseslakka_${ENTRYPOINT_FSESLAKKA_VERSION}
|
|
file: ./entrypoint.fsesl-akka.sh
|
|
entrypoint_webrtcsfu:
|
|
name: ${STACK_NAME}_entrypoint_webrtcsfu_${ENTRYPOINT_WEBRTCSFU_VERSION}
|
|
file: ./entrypoint.webrtc-sfu.sh
|
|
mongod_conf:
|
|
name: ${STACK_NAME}_mongod_conf_${MONGOD_CONF_VERSION}
|
|
file: ./mongod.conf
|
|
init_replica:
|
|
name: ${STACK_NAME}_init_replica_${INIT_REPLICA_VERSION}
|
|
file: ./init-replica.sh
|
|
entrypoint_bbbpads:
|
|
name: ${STACK_NAME}_entrypoint_bbbpads_${ENTRYPOINT_BBBPADS_VERSION}
|
|
file: ./entrypoint.bbb-pads.sh
|
|
entrypoint_etherpad:
|
|
name: ${STACK_NAME}_entrypoint_etherpad_${ENTRYPOINT_ETHERPAD_VERSION}
|
|
file: ./entrypoint.etherpad.sh
|
|
entrypoint_freeswitch:
|
|
name: ${STACK_NAME}_entrypoint_freeswitch_${ENTRYPOINT_FREESWITCH_VERSION}
|
|
file: ./entrypoint.freeswitch.sh
|
|
entrypoint_bbbweb:
|
|
name: ${STACK_NAME}_entrypoint_bbbweb_${ENTRYPOINT_BBBWEB_VERSION}
|
|
file: ./entrypoint.bbb-web.sh
|
|
|
|
secrets:
|
|
postgres_password:
|
|
external: true
|
|
name: ${STACK_NAME}_postgres_password_${SECRET_POSTGRES_PASSWORD_VERSION}
|
|
shared_secret:
|
|
external: true
|
|
name: ${STACK_NAME}_shared_secret_${SECRET_SHARED_SECRET_VERSION}
|
|
rails_secret:
|
|
external: true
|
|
name: ${STACK_NAME}_rails_secret_${SECRET_RAILS_SECRET_VERSION}
|
|
turn_secret:
|
|
external: true
|
|
name: ${STACK_NAME}_turn_secret_${SECRET_TURN_SECRET_VERSION}
|
|
fsesl_password:
|
|
external: true
|
|
name: ${STACK_NAME}_fsesl_password_${SECRET_FSESL_PASSWORD_VERSION}
|
|
etherpad_api_key:
|
|
external: true
|
|
name: ${STACK_NAME}_etherpad_api_key_${ETHERPAD_API_KEY_VERSION}
|
|
|
|
networks:
|
|
bbb-net:
|
|
ipam:
|
|
driver: default
|
|
config:
|
|
- subnet: "10.7.7.0/24"
|