From 1fd97150f7a4b0d1d5ab6db6386a5b1cad769a14 Mon Sep 17 00:00:00 2001
From: Moritz <moritz.m@local-it.org>
Date: Tue, 6 Dec 2022 14:47:29 +0100
Subject: [PATCH] use docker secrets for bbb

---
 .env.sample | 4 +++-
 abra.sh     | 8 +++-----
 compose.yml | 5 +++++
 3 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/.env.sample b/.env.sample
index 7317c06..6c95e1b 100644
--- a/.env.sample
+++ b/.env.sample
@@ -14,7 +14,8 @@ ADMIN_USER=admin
 SECRET_DB_ROOT_PASSWORD_VERSION=v1
 SECRET_DB_PASSWORD_VERSION=v1
 SECRET_ADMIN_PASSWORD_VERSION=v1
-# SECRET_ONLYOFFICE_JWT_VERSION=v1
+SECRET_ONLYOFFICE_JWT_VERSION=v1
+SECRET_BBB_SECRET_VERSION=v1
 
 EXTRA_VOLUME=/dev/null:/tmp/.dummy
 
@@ -22,3 +23,4 @@ EXTRA_VOLUME=/dev/null:/tmp/.dummy
 # X_FRAME_OPTIONS_ALLOW_FROM=embedding-site.example.org
 # APPS="calendar sociallogin onlyoffice"
 # ONLYOFFICE_URL=https://onlyoffice.example.com
+# BBB_URL=https://talk.example.org/bigbluebutton/ # trailing slash!
diff --git a/abra.sh b/abra.sh
index 24f3b5d..7c12215 100644
--- a/abra.sh
+++ b/abra.sh
@@ -29,18 +29,16 @@ set_app_config(){
 }
 
 install_bbb(){
-    URL=$1 # https://talk.example.org/bigbluebutton/ (trailing slash!)
-    SECRET=$2 # bbb secret key
     install_apps bbb
     set_app_config bbb app.navigation true
-    set_app_config bbb api.url "$URL"
-    set_app_config bbb api.secret "$SECRET"
+    set_app_config bbb api.url "$BBB_URL"
+    set_app_config bbb api.secret "$(cat /run/secrets/bbb_secret)"
 }
 
 
 install_onlyoffice(){
     install_apps onlyoffice
     set_app_config onlyoffice DocumentServerUrl "$ONLYOFFICE_URL"
-    set_app_config onlyoffice jwt_secret $(cat /run/secrets/onlyoffice_jwt)
+    set_app_config onlyoffice jwt_secret "$(cat /run/secrets/onlyoffice_jwt)"
     set_app_config onlyoffice customizationForcesave true
 }
diff --git a/compose.yml b/compose.yml
index 372ceec..2e249cf 100644
--- a/compose.yml
+++ b/compose.yml
@@ -49,6 +49,7 @@ services:
       - db_password
       - admin_password
       - onlyoffice_jwt
+      - bbb_secret
     environment:
       - APPS
       - X_FRAME_OPTIONS_ALLOW_FROM
@@ -67,6 +68,7 @@ services:
       - OVERWRITEPROTOCOL=https
       - PHP_MEMORY_LIMIT=1G
       - ONLYOFFICE_URL
+      - BBB_URL
     volumes:
       - nextcloud:/var/www/html/
       - nextapps:/var/www/html/custom_apps:cached
@@ -116,6 +118,9 @@ secrets:
   onlyoffice_jwt:
     external: true
     name: ${STACK_NAME}_onlyoffice_jwt_${SECRET_ONLYOFFICE_JWT_VERSION}
+  bbb_secret:
+    external: true
+    name: ${STACK_NAME}_bbb_secret_${SECRET_BBB_SECRET_VERSION}
 
 volumes:
   nextcloud: