kimbl/bigbluebutton
0
0
Fork 0
generated from coop-cloud/example
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
main
bigbluebutton/compose.yml
kimbl ca0bb7163c Add missing volumes
2024-10-17 17:59:48 +02:00

490 lines
14 KiB
YAML
Raw Permalink Blame History

---
version: '3.8'
# html5 templates
x-html5-backend: &html5backend
image: alangecker/bbb-docker-html5:v2.7.3
depends_on:
- redis
- mongodb
- etherpad
environment: &html5backend-env
DOMAIN: ${DOMAIN}
CLIENT_TITLE: BigBlueButton
LISTEN_ONLY_MODE: ${LISTEN_ONLY_MODE:-true}
DISABLE_ECHO_TEST: ${DISABLE_ECHO_TEST:-false}
AUTO_SHARE_WEBCAM: ${AUTO_SHARE_WEBCAM:-false}
DISABLE_VIDEO_PREVIEW: ${DISABLE_VIDEO_PREVIEW:-false}
CHAT_ENABLED: ${CHAT_ENABLED:-true}
CHAT_START_CLOSED: ${CHAT_START_CLOSED:-false}
BREAKOUTROOM_LIMIT: ${BREAKOUTROOM_LIMIT:-8}
DEV_MODE: ${DEV_MODE:-}
BBB_HTML5_ROLE: backend
x-html5-frontend: &html5frontend
<<: *html5backend
volumes:
- html5-static:/html5-static:rw
environment: &html5frontend-env
<<: *html5backend-env
BBB_HTML5_ROLE: frontend
# =========================
services:
bbb-web:
image: alangecker/bbb-docker-web:v2.7.3
depends_on:
- redis
- etherpad
- bbb-pads
# healthcheck:
# test: wget --no-proxy --no-verbose --tries=1 --spider http://10.7.7.2:8090/bigbluebutton/api || exit 1
# start_period: 2m
environment:
DEV_MODE: ${DEV_MODE:-}
DOMAIN: ${DOMAIN}
ENABLE_RECORDING: ${ENABLE_RECORDING:-false}
# SHARED_SECRET is set via entrypoint.bbb-web.sh
WELCOME_MESSAGE: ${WELCOME_MESSAGE:-}
WELCOME_FOOTER: ${WELCOME_FOOTER}
STUN_SERVER: stun:${STUN_IP}:${STUN_PORT}
TURN_SERVER: ${TURN_SERVER:-}
# TURN_SECRET is set via entrypoint.bbb-web.sh
ENABLE_LEARNING_DASHBOARD: ${ENABLE_LEARNING_DASHBOARD:-true}
NUMBER_OF_BACKEND_NODEJS_PROCESSES: 2 # look for containers?
configs:
- source: entrypoint_bbbweb
target: /usr/local/bin/docker-entrypoint.sh
mode: 0555
entrypoint: /usr/local/bin/docker-entrypoint.sh
secrets:
- shared_secret
- turn_secret
volumes:
- bigbluebutton:/var/bigbluebutton
- vol-freeswitch:/var/freeswitch/meetings
networks:
bbb-net:
ipv4_address: 10.7.7.2
# create compose overrides for multiple backend/frontend
# see authentik repo for compose file reference in .env
html5-backend-1:
<<: *html5backend
environment:
<<: *html5backend-env
INSTANCE_ID: 1
PORT: 4000
networks:
bbb-net:
ipv4_address: 10.7.7.100
html5-backend-2:
<<: *html5backend
environment:
<<: *html5backend-env
INSTANCE_ID: 2
PORT: 4001
networks:
bbb-net:
ipv4_address: 10.7.7.101
html5-frontend-1:
<<: *html5frontend
environment:
<<: *html5frontend-env
INSTANCE_ID: 1
PORT: 4100
networks:
bbb-net:
ipv4_address: 10.7.7.200
html5-frontend-2:
<<: *html5frontend
environment:
<<: *html5frontend-env
INSTANCE_ID: 2
PORT: 4101
networks:
bbb-net:
ipv4_address: 10.7.7.201
# freeswitch (audio input streaming and telco dial-in support)
freeswitch:
container_name: bbb-freeswitch
image: alangecker/bbb-docker-freeswitch:v2.7.0
cap_add:
- IPC_LOCK
- NET_ADMIN
- NET_RAW
- NET_BROADCAST
- SYS_NICE
- SYS_RESOURCE
environment:
DOMAIN: ${DOMAIN}
EXTERNAL_IPv4: ${EXTERNAL_IPv4}
# EXTERNAL_IPv6: ${EXTERNAL_IPv6:-::1}
SIP_IP_ALLOWLIST: ${SIP_IP_ALLOWLIST:-}
DISABLE_SOUND_MUTED: ${DISABLE_SOUND_MUTED:-false}
DISABLE_SOUND_ALONE: ${DISABLE_SOUND_ALONE:-false}
SOUNDS_LANGUAGE: ${SOUNDS_LANGUAGE:-en-us-callie}
# ESL_PASSWORD is set via entrypoint.freeswitch.sh
configs:
- source: entrypoint_freeswitch
target: /usr/local/bin/docker-entrypoint.sh
mode: 0555
entrypoint: /usr/local/bin/docker-entrypoint.sh
secrets:
- fsesl_password
volumes:
# - ./conf/sip_profiles:/etc/freeswitch/sip_profiles/external
# - ./conf/dialplan_public:/etc/freeswitch/dialplan/public_docker
- vol-freeswitch:/var/freeswitch/meetings
network_mode: host
logging:
# reduce logs to a minimum, so `docker compose logs -f` still works
driver: "local"
options:
max-size: "10k"
max-file: "1"
compress: "false"
# nginx (webserver gateway for a bunch of things)
nginx:
image: alangecker/bbb-docker-nginx:1.23-v5.0.2-v2.7.3
depends_on:
- etherpad
- webrtc-sfu
- html5-backend-1
volumes:
- bigbluebutton:/var/bigbluebutton
- html5-static:/html5-static:ro
- ${DEFAULT_PRESENTATION:-/dev/null}:/www/default.pdf
network_mode: host
extra_hosts:
- "host.docker.internal:10.7.7.1"
- "bbb-web:10.7.7.2"
- "etherpad:10.7.7.4"
- "webrtc-sfu:10.7.7.1"
- "html5:10.7.7.11"
- "greenlight:10.7.7.21"
# etherpad (collaborative notepad)
etherpad:
image: alangecker/bbb-docker-etherpad:1.9.1
depends_on:
- redis
# environment:
# ETHERPAD_API_KEY is set via entrypoint
configs:
- source: entrypoint_etherpad
target: /usr/local/bin/docker-entrypoint.sh
mode: 0555
secrets:
- etherpad_api_key
entrypoint: /usr/local/bin/docker-entrypoint.sh
networks:
bbb-net:
ipv4_address: 10.7.7.4
# bbb-pads (bbb etherpad integration)
bbb-pads:
image: alangecker/bbb-docker-pads:v1.5.2
depends_on:
- redis
- etherpad
# environment:
# ETHERPAD_API_KEY is set via entrypoint
configs:
- source: entrypoint_bbbpads
target: /usr/local/bin/docker-entrypoint.sh
mode: 0555
secrets:
- etherpad_api_key
entrypoint: /usr/local/bin/docker-entrypoint.sh
networks:
bbb-net:
ipv4_address: 10.7.7.18
# redis (caching)
redis:
image: redis:7.2-alpine
#healthcheck:
# test: ["CMD", "redis-cli", "ping"]
# interval: 1s
# timeout: 3s
# retries: 30
networks:
bbb-net:
ipv4_address: 10.7.7.5
# mongodb
mongodb:
container_name: bbb-mongodb
image: mongo:4.4
configs:
- source: mongod_conf
target: /etc/mongod.conf
- source: init_replica
target: /docker-entrypoint-initdb.d/init-replica.sh
tmpfs:
- /data/configdb
- /data/db
command: mongod --config /etc/mongod.conf --oplogSize 8 --replSet rs0 --noauth
# healthcheck:
# test: bash -c "if mongo --eval 'quit(db.runCommand({ ping':' 1 }).ok ? 0 ':' 2)'; then exit 0; fi; exit 1;"
networks:
bbb-net:
ipv4_address: 10.7.7.6
# kurento (media server for streaming webcam and screensharing)
kurento:
image: kurento/kurento-media-server:6.18
network_mode: host
volumes:
- vol-kurento:/var/kurento
# webrtc-sfu (webrtc controller for negotiation and media stream)
webrtc-sfu:
image: alangecker/bbb-docker-webrtc-sfu:v2.12.0
depends_on:
- redis
- freeswitch
- kurento
environment:
CLIENT_HOST: 10.7.7.1
REDIS_HOST: 10.7.7.5
FREESWITCH_IP: 10.7.7.1
FREESWITCH_SIP_IP: ${EXTERNAL_IPv4}
MCS_HOST: 0.0.0.0
MCS_ADDRESS: 127.0.0.1
ESL_IP: 10.7.7.1
# ESL_PASSWORD is set via entrypoint.webrtc-sfu.sh
MS_WEBRTC_LISTEN_IPS: '[{"ip":"${EXTERNAL_IPv4}", "announcedIp":"${EXTERNAL_IPv4}"}]'
MS_RTP_LISTEN_IP: '{"ip":"0.0.0.0", "announcedIp":"${EXTERNAL_IPv4}"}'
configs:
- source: entrypoint_webrtcsfu
target: /usr/local/bin/docker-entrypoint.sh
mode: 0555
entrypoint: /usr/local/bin/docker-entrypoint.sh
volumes:
- vol-mediasoup:/var/mediasoup
tmpfs:
- /var/log/bbb-webrtc-sfu
secrets:
- fsesl_password
network_mode: host
# fsesl-akka (bbb freeswitch integration)
fsesl-akka:
image: alangecker/bbb-docker-fsesl-akka:v2.7.0
depends_on:
- redis
- freeswitch
# environment:
# FSESL_PASSWORD is set via entrypoint
configs:
- source: entrypoint_fseslakka
target: /usr/local/bin/docker-entrypoint.sh
mode: 0555
secrets:
- fsesl_password
entrypoint: /usr/local/bin/docker-entrypoint.sh
networks:
bbb-net:
ipv4_address: 10.7.7.14
# apps-akka (seems to be an bbb app integration endpoint)
apps-akka:
image: alangecker/bbb-docker-apps-akka:v2.7.3
depends_on:
- redis
environment:
DOMAIN: ${DOMAIN}
# SHARED_SECRET is set via entrypoint
volumes:
- vol-freeswitch:/var/freeswitch/meetings
configs:
- source: entrypoint_appsakka
target: /usr/local/bin/docker-entrypoint.sh
mode: 0555
secrets:
- shared_secret
entrypoint: /usr/local/bin/docker-entrypoint.sh
networks:
bbb-net:
ipv4_address: 10.7.7.15
# jodconverter (jodconverter most likely just transforms doc files to pdf for the presentation mode)
jodconverter:
image: alangecker/bbb-docker-jodconverter:latest
security_opt:
- 'no-new-privileges:true' # security profile. might work with swarm.
tmpfs:
- /tmp
deploy:
resources:
limits:
memory: 512M
networks:
bbb-net:
ipv4_address: 10.7.7.20
# periodic (runs a freeswitch sync and cleans up recordings, has entrypoint but needs no custom things afaik)
periodic:
image: alangecker/bbb-docker-periodic:v2.7.0
depends_on:
- mongodb
volumes:
- /var/run/docker.sock:/var/run/docker.sock # not sure what prupose this has?
- bigbluebutton:/var/bigbluebutton # access bbb data
- vol-mediasoup:/var/mediasoup # not sure what this is?
tmpfs:
- /var/log/bigbluebutton
environment:
ENABLE_RECORDING: ${ENABLE_RECORDING-false} # set to false for now
REMOVE_OLD_RECORDING: ${REMOVE_OLD_RECORDING}
RECORDING_MAX_AGE_DAYS: ${RECORDING_MAX_AGE_DAYS}
networks:
bbb-net:
ipv4_address: 10.7.7.12
# coturn
coturn:
image: coturn/coturn:4.6-alpine
configs:
- source: entrypoint_coturn
target: /usr/local/bin/docker-entrypoint.sh
mode: 0555
- source: turnserver_conf
target: /etc/coturn/turnserver.conf
secrets:
- turn_secret
environment:
ENABLE_HTTPS_PROXY: "true"
user: root
entrypoint: /usr/local/bin/docker-entrypoint.sh
network_mode: host
# greenlight
greenlight:
image: bigbluebutton/greenlight:v3.1.0
depends_on:
- postgres
- redis
environment:
# DATABASE_URL is being set by entrypoint.greenlight.sh
REDIS_URL: redis://redis:6379
BIGBLUEBUTTON_ENDPOINT: https://${DOMAIN}/bigbluebutton/api
# BIGBLUEBUTTON_SECRET is being set by entrypoint.greenlight.sh
# SECRET_KEY_BASE is being set by entrypoint.greenlight.sh
RELATIVE_URL_ROOT: /
volumes:
- greenlight_data:/usr/src/app/storage
configs:
- source: entrypoint_greenlight
target: /usr/local/bin/docker-entrypoint.sh
mode: 0555
secrets:
- postgres_password
- shared_secret
- rails_secret
entrypoint: /usr/local/bin/docker-entrypoint.sh
networks:
bbb-net:
ipv4_address: 10.7.7.21 # does static ipv4 work with swarm?
# postgres for greenlight
postgres:
image: postgres:12-alpine
environment:
POSTGRES_DB: greenlight-v3
POSTGRES_USER: postgres
POSTGRES_PASSWORD_FILE: /run/secret/postgres_password
#healthcheck:
#test: ["CMD-SHELL", "pg_isready -U postgres"]
#interval: 10s
#timeout: 5s
#retries: 5
volumes:
- "postgres_data:/var/lib/postgresql/data"
secrets:
- postgres_password
networks:
bbb-net:
ipv4_address: 10.7.7.22
volumes:
html5-static:
greenlight_data:
postgres_data:
bigbluebutton:
vol-mediasoup:
vol-freeswitch:
vol-kurento:
configs:
entrypoint_greenlight:
name: ${STACK_NAME}_entrypoint_greenlight_${ENTRYPOINT_GREENLIGHT_VERSION}
file: ./entrypoint.greenlight.sh
turnserver_conf:
name: ${STACK_NAME}_turnserver_conf_${TURNSERVER_CONF_VERSION}
file: ./turnserver.conf
entrypoint_coturn:
name: ${STACK_NAME}_entrypoint_coturn_${ENTRYPOINT_COTURN_VERSION}
file: ./entrypoint.coturn.sh
entrypoint_appsakka:
name: ${STACK_NAME}_entrypoint_appsakka_${ENTRYPOINT_APPSAKKA_VERSION}
file: ./entrypoint.apps-akka.sh
entrypoint_fseslakka:
name: ${STACK_NAME}_entrypoint_fseslakka_${ENTRYPOINT_FSESLAKKA_VERSION}
file: ./entrypoint.fsesl-akka.sh
entrypoint_webrtcsfu:
name: ${STACK_NAME}_entrypoint_webrtcsfu_${ENTRYPOINT_WEBRTCSFU_VERSION}
file: ./entrypoint.webrtc-sfu.sh
mongod_conf:
name: ${STACK_NAME}_mongod_conf_${MONGOD_CONF_VERSION}
file: ./mongod.conf
init_replica:
name: ${STACK_NAME}_init_replica_${INIT_REPLICA_VERSION}
file: ./init-replica.sh
entrypoint_bbbpads:
name: ${STACK_NAME}_entrypoint_bbbpads_${ENTRYPOINT_BBBPADS_VERSION}
file: ./entrypoint.bbb-pads.sh
entrypoint_etherpad:
name: ${STACK_NAME}_entrypoint_etherpad_${ENTRYPOINT_ETHERPAD_VERSION}
file: ./entrypoint.etherpad.sh
entrypoint_freeswitch:
name: ${STACK_NAME}_entrypoint_freeswitch_${ENTRYPOINT_FREESWITCH_VERSION}
file: ./entrypoint.freeswitch.sh
entrypoint_bbbweb:
name: ${STACK_NAME}_entrypoint_bbbweb_${ENTRYPOINT_BBBWEB_VERSION}
file: ./entrypoint.bbb-web.sh
secrets:
postgres_password:
external: true
name: ${STACK_NAME}_postgres_password_${SECRET_POSTGRES_PASSWORD_VERSION}
shared_secret:
external: true
name: ${STACK_NAME}_shared_secret_${SECRET_SHARED_SECRET_VERSION}
rails_secret:
external: true
name: ${STACK_NAME}_rails_secret_${SECRET_RAILS_SECRET_VERSION}
turn_secret:
external: true
name: ${STACK_NAME}_turn_secret_${SECRET_TURN_SECRET_VERSION}
fsesl_password:
external: true
name: ${STACK_NAME}_fsesl_password_${SECRET_FSESL_PASSWORD_VERSION}
etherpad_api_key:
external: true
name: ${STACK_NAME}_etherpad_api_key_${ETHERPAD_API_KEY_VERSION}
networks:
bbb-net:
ipam:
driver: default
config:
- subnet: "10.7.7.0/24"
Reference in New Issue View Git Blame Copy Permalink