kimbl/bigbluebutton
0
0
Fork 0
generated from coop-cloud/example
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Cleanup compose

Browse Source
This commit is contained in:
kimbl
2024-10-02 14:09:41 +02:00
parent d71abd125a
commit a9de28086a
1 changed files with 41 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
compose.yml
View File

@ -53,7 +53,7 @@ services:
TURN_SERVER: ${TURN_SERVER:-}
TURN_SECRET: ${TURN_SECRET:-}
ENABLE_LEARNING_DASHBOARD: ${ENABLE_LEARNING_DASHBOARD:-true}
NUMBER_OF_BACKEND_NODEJS_PROCESSES: 2
NUMBER_OF_BACKEND_NODEJS_PROCESSES: 2 # look for containers?
volumes:
- bigbluebutton:/var/bigbluebutton
- vol-freeswitch:/var/freeswitch/meetings
@ -61,6 +61,8 @@ services:
bbb-net:
ipv4_address: 10.7.7.2
# create compose overrides for multiple backend/frontend
# see authentik repo for compose file reference in .env
html5-backend-1:
<<: *html5backend
environment:
@ -314,21 +316,19 @@ services:
# wip: coturn (how to ssl? entrypoint.sh deals with this too)
coturn:
image: coturn/coturn:4.6-alpine
command:
- "--external-ip=${EXTERNAL_IPv4}/${EXTERNAL_IPv4}"
- "--static-auth-secret=${TURN_SECRET}" # how to add docker secret here?
#volumes:
# - ${COTURN_TLS_CERT_PATH}:/tmp/cert.pem # how to use traefik for SSL here?
# - ${COTURN_TLS_KEY_PATH}:/tmp/key.pem # how to use traefik for SSL here?
# - ./mod/coturn/entrypoint.sh:/usr/local/bin/docker-entrypoint.sh
# - ./mod/coturn/turnserver.conf:/etc/coturn/turnserver.conf
configs:
- source: entrypoint_coturn
target: /usr/local/bin/docker-entrypoint.sh
mode: 0555
- source: turnserver_conf
target: /etc/coturn/turnserver.conf
secrets:
- turn_secret
environment:
ENABLE_HTTPS_PROXY: true
user: root
# network_mode: host
entrypoint: /usr/local/bin/docker-entrypoint.sh
network_mode: host
deploy:
update_config:
failure_action: rollback
@ -337,47 +337,34 @@ services:
order: start-first
restart_policy:
max_attempts: 3
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
# how to configure traefik to serve coturn on a port range?
# how to configure trafik for a headless service?
# other services like matrix seem to use their own custom nginx config for ports
- "traefik.http.services.${STACK_NAME}.loadbalancer.server.port=80"
- "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`${EXTRA_DOMAINS})"
- "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
- "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
- "traefik.http.routers.${STACK_NAME}.middlewares=${STACK_NAME}-redirect"
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLForceHost=true"
- "traefik.http.middlewares.${STACK_NAME}-redirect.headers.SSLHost=${DOMAIN}"
- "coop-cloud.${STACK_NAME}.version=0.1.0+4.3.1"
# wip: greenlight (secrets? ipv4?)
# greenlight
greenlight:
image: bigbluebutton/greenlight:v3.1.0
depends_on:
- postgres
- redis
environment:
# DATABASE_URL: postgres://postgres:${POSTGRESQL_SECRET:-password}@postgres:5432/greenlight-v3
# DATABASE_URL is being set by entrypoint-greenlight.sh
REDIS_URL: redis://redis:6379
BIGBLUEBUTTON_ENDPOINT: https://${DOMAIN}/bigbluebutton/api
BIGBLUEBUTTON_SECRET: /run/secret/shared_secret # can this use docker secrets?
SECRET_KEY_BASE: /run/secret/rails_secret # can this use docker secrets?
# BIGBLUEBUTTON_SECRET is being set by entrypoint-greenlight.sh
# SECRET_KEY_BASE is being set by entrypoint-greenlight.sh
RELATIVE_URL_ROOT: /
volumes:
- greenlight_data:/usr/src/app/storage
configs:
- source: abra_entrypoint_greenlight
target: /entrypoint-greenlight.sh
- source: entrypoint_greenlight
target: /usr/local/bin/docker-entrypoint.sh
mode: 0555
secrets:
- postgres_password
entrypoint: /entrypoint-greenlight.sh
- shared_secret
- rails_secret
entrypoint: /usr/local/bin/docker-entrypoint.sh
networks:
bbb-net:
ipv4_address: 10.7.7.21
ipv4_address: 10.7.7.21 # is static ipv4 even possible?
deploy:
update_config:
failure_action: rollback
@ -405,40 +392,40 @@ services:
- postgres_password
networks:
bbb-net:
ipv4_address: 10.7.7.22
deploy:
update_config:
failure_action: rollback
order: start-first
rollback_config:
order: start-first
restart_policy:
max_attempts: 3
ipv4_address: 10.7.7.22
volumes:
greenlight_data:
postgres_data:
configs:
entrypoint_greenlight:
name: ${STACK_NAME}_entrypoint_greenlight_${ENTRYPOINT_GREENLIGHT_VERSION}
file: ./entrypoint.greenlight.sh
turnserver_conf:
name: ${STACK_NAME}_turnserver_conf_${TURNSERVER_CONF_VERSION}
abra_entrypoint_greenlight:
name: ${STACK_NAME}_entrypoint_greenlight_${ENTRYPOINT_GREENLIGHT_VERSION}
file: ./entrypoint-greenlight.sh
file: ./turnserver.conf
entrypoint_coturn:
name: ${STACK_NAME}_entrypoint_coturn_${ENTRYPOINT_COTURN_VERSION}
file: ./entrypoint.coturn.sh
secrets:
shared_secret:
external: true
name: ${STACK_NAME}_shared_secret_${SHARED_SECRET_VERSION}
etherpad_api_key:
external: true
name: ${STACK_NAME}_etherpad_api_key_${ETHERPAD_API_KEY_VERSION}
rails_secret:
external: true
name: ${STACK_NAME}_rails_secret_${RAILS_SECRET_VERSION}
postgres_password:
external: true
name: ${STACK_NAME}_postgres_password_${SECRET_POSTGRES_PASSWORD_VERSION}
shared_secret:
external: true
name: ${STACK_NAME}_shared_secret_${SECRET_SHARED_SECRET_VERSION}
rails_secret:
external: true
name: ${STACK_NAME}_rails_secret_${SECRET_RAILS_SECRET_VERSION}
turn_secret:
external: true
name: ${STACK_NAME}_turn_secret_${SECRET_TURN_SECRET_VERSION}
etherpad_api_key:
external: true
name: ${STACK_NAME}_etherpad_api_key_${ETHERPAD_API_KEY_VERSION}
fsesl_password:
external: true
name: ${STACK_NAME}_fsesl_password_${FSESL_PASSWORD_VERSION}