Michelle/scalelite-run
1
0
Fork 0
mirror of https://github.com/michelleDeko/scalelite-run.git synced 2025-12-16 22:32:10 +01:00
Code Issues Packages Projects Releases Wiki Activity

standardized docker-compose to 1 single image

Browse Source
This commit is contained in:
jfederico
2021-06-18 13:39:57 -04:00
parent 7ca9d06a88
commit bc94d63d71
7 changed files with 191 additions and 90 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
.gitignore vendored
View File

@@ -6,11 +6,10 @@
/scalelite/tmp*
/data/*
/data/proxy/nginx/log/*
!/data/proxy/nginx/log/.keep
/data/proxy/nginx/sites-enabled/*
!/data/proxy/nginx/sites-enabled/.keep
!/data/nginx/
!/data/proxy/
/data/redis/db/*
!/data/redis/
/tmp*

0
data/proxy/nginx/log/.keep
View File

43
data/proxy/nginx/sites.template.scalelite-local
View File

@@ -37,39 +37,28 @@ server {
#ssl_certificate /etc/ssl/fullchain.pem;
#ssl_certificate_key /etc/ssl/privkey.pem;
location /health_check {
proxy_pass http://docker-scalelite-api;
include /etc/nginx/sites-common;
}
location /bigbluebutton/api/ {
proxy_pass http://docker-scalelite-api;
include /etc/nginx/sites-common;
}
proxy_read_timeout 60s;
proxy_redirect off;
location /presentation/ {
proxy_pass http://docker-scalelite-recordings;
include /etc/nginx/sites-common;
}
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
location /playback/ {
proxy_pass http://docker-scalelite-recordings;
include /etc/nginx/sites-common;
}
location / {
proxy_pass http://docker-scalelite-recordings;
proxy_read_timeout 60s;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass http://docker-scalelite-api/health_check;
include /etc/nginx/sites-common;
}
}

81
data/redis/conf/redis.conf Normal file
View File

@@ -0,0 +1,81 @@
bind 0.0.0.0
protected-mode no
masterauth "redisTLSTest2021@@"
requirepass "redisTLSTest2021@@"
port 0
tcp-backlog 511
timeout 300
tcp-keepalive 300
daemonize no
supervised no
pidfile /var/run/redis.pid
loglevel notice
#logfile "/var/log/redis/redis.log"
databases 16
always-show-logo no
stop-writes-on-bgsave-error yes
rdbcompression yes
rdbchecksum yes
# The filename where to dump the DB
dbfilename dump_6479.rdb
replica-serve-stale-data yes
replica-read-only yes
repl-diskless-sync no
repl-diskless-sync-delay 5
repl-timeout 60
repl-disable-tcp-nodelay no
replica-priority 100
maxclients 10000
# maxmemory-policy noeviction
lazyfree-lazy-eviction no
lazyfree-lazy-expire no
lazyfree-lazy-server-del no
replica-lazy-flush no
appendonly yes
appendfilename "appendonly.aof"
appendfsync everysec
no-appendfsync-on-rewrite no
auto-aof-rewrite-percentage 100
auto-aof-rewrite-min-size 64mb
aof-load-truncated yes
aof-use-rdb-preamble yes
lua-time-limit 5000
cluster-config-file redis_cluster.conf
cluster-node-timeout 15000
cluster-enabled yes
# cluster-replica-validity-factor 10
# cluster-require-full-coverage yes
slowlog-log-slower-than 10000
slowlog-max-len 128
latency-monitor-threshold 0
notify-keyspace-events ""
list-max-ziplist-size -2
activerehashing yes
client-output-buffer-limit normal 0 0 0
client-output-buffer-limit replica 256mb 64mb 60
client-output-buffer-limit pubsub 32mb 8mb 60
hz 10
dynamic-hz yes
rdb-save-incremental-fsync yes
### TLS
tls-port 7379
tls-cert-file /etc/letsencrypt/archive/sl.jesus.123it.ca/cert3.pem
tls-key-file /etc/letsencrypt/archive/sl.jesus.123it.ca/privkey3.pem
tls-ca-cert-file /etc/letsencrypt/archive/sl.jesus.123it.ca/chain3.pem
tls-auth-clients no
# tls-auth-clients optional
tls-replication yes
tls-cluster yes
# Explicitly specify TLS versions to support. Allowed values are case insensitive
# and include "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3" (OpenSSL >= 1.1.1) or
# any combination. To enable only TLSv1.2 and TLSv1.3, use:
#
tls-protocols "TLSv1.2 TLSv1.3"
# By default, TLS session caching is enabled to allow faster and less expensive
# reconnections by clients that support it. Use the following directive to disable
# caching.
tls-session-caching no

59
docker-compose-dev.yml
View File

@@ -25,23 +25,26 @@ services:
image: postgres:11-alpine
container_name: postgres
restart: unless-stopped
volumes:
- postgres-data-dev:/var/lib/postgresql/data
ports:
- "5432:5432"
environment:
- POSTGRES_USER=${POSTGRES_USER:-postgres}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-password}
volumes:
- postgres-data-dev:/var/lib/postgresql/data
redis:
image: redis:5.0-alpine
command: ["redis-server", "--appendonly", "yes"]
image: redis:6.2-alpine
container_name: redis
restart: unless-stopped
volumes:
- redis-data-dev:/data
ports:
- "6379:6379"
volumes:
- redis-data-dev:/data
- ./data/redis/conf/redis.conf:/usr/local/etc/redis/redis.conf
- ./data/certbot/conf/:/etc/letsencrypt
# command: ["redis-server", "/usr/local/etc/redis/redis.conf"]
command: ["redis-server", "--appendonly", "yes"]
certbot:
image: certbot/certbot
@@ -56,27 +59,25 @@ services:
image: nginx:1.18
container_name: scalelite-proxy
restart: unless-stopped
volumes:
- ./data/proxy/nginx/log/:/var/log/nginx
- ./data/proxy/nginx/sites.template.${DOCKER_PROXY_NGINX_TEMPLATE:-scalelite-proxy}:/etc/nginx/sites.template
- ./data/proxy/nginx/sites-common:/etc/nginx/sites-common
- ./data/certbot/conf/:/etc/letsencrypt
- ./data/certbot/www/:/var/www/certbot
ports:
- "80:80"
- "443:443"
environment:
- NGINX_HOSTNAME=${URL_HOST:-xlab.blindside-dev.com}
volumes:
- ./log/proxy-nginx/:/var/log/nginx
- ./data/proxy/nginx/sites.template.${DOCKER_PROXY_NGINX_TEMPLATE:-scalelite-proxy}:/etc/nginx/sites.template
- ./data/proxy/nginx/sites-common:/etc/nginx/sites-common
- ./data/certbot/conf/:/etc/letsencrypt
- ./data/certbot/www/:/var/www/certbot
depends_on:
- certbot
- scalelite-api
- scalelite-recordings
command: /bin/bash -c "envsubst '$$NGINX_HOSTNAME' < /etc/nginx/sites.template > /etc/nginx/conf.d/default.conf && exec nginx -g 'daemon off;'"
logging:
driver: journald
scalelite-recordings:
image: bigbluebutton/bbb-playback-proxy:bionic-23-dev-alpine3.11
image: ${SCALELITE_RECORDINGS_DOCKER_IMAGE:-bigbluebutton/bbb-playback-proxy:bionic-230-alpine}
container_name: scalelite-recordings
restart: unless-stopped
volumes:
@@ -86,19 +87,20 @@ services:
- scalelite-api
scalelite-api:
image: ${SCALELITE_DOCKER_IMAGE:-blindsidenetwks/scalelite:v1.0}
image: ${SCALELITE_DOCKER_IMAGE:-blindsidenetwks/scalelite:v1.1}
container_name: scalelite-api
restart: unless-stopped
volumes:
- ./log/scalelite/:/app/log
- ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}:/var/bigbluebutton
env_file:
- .env
environment:
- SECRET_KEY_BASE=${SECRET_KEY_BASE}
- LOADBALANCER_SECRET=${LOADBALANCER_SECRET}
- REDIS_URL=${REDIS_URL:-redis://redis:6379}
- DATABASE_URL=${DATABASE_URL:-postgres://postgres:password@postgres:5432/scalelite?pool=5}
- RECORDING_DISABLED=${RECORDING_DISABLED-false}
- SERVER_ID_IS_HOSTNAME=${SERVER_ID_IS_HOSTNAME-false}
- RAILS_LOG_TO_STDOUT=${RAILS_LOG_TO_STDOUT}
volumes:
- ./log/scalelite-api/:/srv/scalelite/log/
- ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}:/var/bigbluebutton
depends_on:
- postgres
- redis
@@ -106,13 +108,17 @@ services:
driver: journald
scalelite-poller:
image: ${SCALELITE_DOCKER_IMAGE:-blindsidenetwks/scalelite:v1.0}
image: ${SCALELITE_DOCKER_IMAGE:-blindsidenetwks/scalelite:v1.1}
container_name: scalelite-poller
restart: unless-stopped
env_file:
- .env
environment:
- REDIS_URL=${REDIS_URL:-redis://redis:6379}
- DATABASE_URL=${DATABASE_URL:-postgres://postgres:password@postgres:5432/scalelite?pool=5}
- SERVER_ID_IS_HOSTNAME=${SERVER_ID_IS_HOSTNAME-false}
- RAILS_LOG_TO_STDOUT=${RAILS_LOG_TO_STDOUT}
volumes:
- ./log/scalelite-poller/:/app/log
command: /bin/sh -c "bin/start-poller"
depends_on:
- scalelite-api
@@ -120,14 +126,17 @@ services:
driver: journald
scalelite-recording-importer:
image: ${SCALELITE_DOCKER_IMAGE:-blindsidenetwks/scalelite:v1.0}
image: ${SCALELITE_DOCKER_IMAGE:-blindsidenetwks/scalelite:v1.1}
container_name: scalelite-recording-importer
restart: unless-stopped
env_file:
- .env
environment:
- REDIS_URL=${REDIS_URL:-redis://redis:6379}
- DATABASE_URL=${DATABASE_URL:-postgres://postgres:password@postgres:5432/scalelite?pool=5}
- RECORDING_DISABLED=false
- RAILS_LOG_TO_STDOUT=${RAILS_LOG_TO_STDOUT}
volumes:
- ./log/scalelite-recording-importer/:/app/log
- ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}:/var/bigbluebutton
- ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}/spool:/var/bigbluebutton/spool
command: /bin/sh -c "bin/start-recording-importer"

89
docker-compose.yml
View File

@@ -9,61 +9,77 @@ services:
image: postgres:11-alpine
container_name: postgres
restart: unless-stopped
volumes:
- postgres-data:/var/lib/postgresql/data
environment:
- POSTGRES_USER=${POSTGRES_USER:-postgres}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-password}
volumes:
- postgres-data:/var/lib/postgresql/data
redis:
image: redis:5.0-alpine
command: ["redis-server", "--appendonly", "yes"]
image: redis:6.2-alpine
container_name: redis
restart: unless-stopped
volumes:
- redis-data:/data
- ./data/redis/conf/redis.conf:/usr/local/etc/redis/redis.conf
- ./data/certbot/conf/:/etc/letsencrypt
command: ["redis-server", "--appendonly", "yes"]
certbot:
image: certbot/certbot
container_name: certbot
volumes:
- ./log/certbot:/var/log/letsencrypt
- ./data/certbot/conf:/etc/letsencrypt
- ./data/certbot/www:/var/www/certbot
- ./log/certbot/:/var/log/letsencrypt
- ./data/certbot/conf/:/etc/letsencrypt
- ./data/certbot/www/:/var/www/certbot
entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
scalelite-nginx:
image: ${SCALELITE_REPO:-blindsidenetwks}/scalelite:${SCALELITE_TAG:-v1}-nginx
container_name: scalelite-nginx
scalelite-proxy:
image: nginx:1.18
container_name: scalelite-proxy
restart: unless-stopped
ports:
- "80:80"
- "443:443"
volumes:
- ./log/nginx/:/var/log/nginx
- ./data/certbot/conf:/etc/nginx/ssl
- ./data/certbot/www:/var/www/certbot
- ./data/nginx/scalelite:/etc/nginx/conf.d/scalelite
- ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}/published:/var/bigbluebutton/published
environment:
- NGINX_SSL=${NGINX_SSL-true}
- URL_HOST=${URL_HOST}
- NGINX_HOSTNAME=${URL_HOST:-xlab.blindside-dev.com}
volumes:
- ./log/proxy-nginx/:/var/log/nginx
- ./data/proxy/nginx/sites.template.${DOCKER_PROXY_NGINX_TEMPLATE:-scalelite-proxy}:/etc/nginx/sites.template
- ./data/proxy/nginx/sites-common:/etc/nginx/sites-common
- ./data/certbot/conf/:/etc/letsencrypt
- ./data/certbot/www/:/var/www/certbot
depends_on:
- certbot
- scalelite-api
- scalelite-recordings
command: /bin/bash -c "envsubst '$$NGINX_HOSTNAME' < /etc/nginx/sites.template > /etc/nginx/conf.d/default.conf && exec nginx -g 'daemon off;'"
scalelite-recordings:
image: ${SCALELITE_RECORDINGS_DOCKER_IMAGE:-bigbluebutton/bbb-playback-proxy:bionic-230-alpine}
container_name: scalelite-recordings
restart: unless-stopped
volumes:
- ./log/recordings/:/var/log/nginx
- ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}/published:/var/bigbluebutton/published
depends_on:
- scalelite-api
scalelite-api:
image: ${SCALELITE_REPO:-blindsidenetwks}/scalelite:${SCALELITE_TAG:-v1}-api
image: ${SCALELITE_DOCKER_IMAGE:-blindsidenetwks/scalelite:v1.1}
container_name: scalelite-api
restart: unless-stopped
volumes:
- ./log/scalelite/:/app/log
- ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}:/var/bigbluebutton
env_file:
- .env
environment:
- SECRET_KEY_BASE=${SECRET_KEY_BASE}
- LOADBALANCER_SECRET=${LOADBALANCER_SECRET}
- REDIS_URL=${REDIS_URL:-redis://redis:6379}
- DATABASE_URL=${DATABASE_URL:-postgres://postgres:password@postgres:5432/scalelite?pool=5}
- URL_HOST=${URL_HOST}
- RECORDING_DISABLED=${RECORDING_DISABLED-false}
- SERVER_ID_IS_HOSTNAME=${SERVER_ID_IS_HOSTNAME-false}
- RAILS_LOG_TO_STDOUT=${RAILS_LOG_TO_STDOUT}
volumes:
- ./log/scalelite-api/:/srv/scalelite/log/
- ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}:/var/bigbluebutton
depends_on:
- postgres
- redis
@@ -71,32 +87,39 @@ services:
driver: journald
scalelite-poller:
image: ${SCALELITE_REPO:-blindsidenetwks}/scalelite:${SCALELITE_TAG:-v1}-poller
image: ${SCALELITE_DOCKER_IMAGE:-blindsidenetwks/scalelite:v1.1}
container_name: scalelite-poller
restart: unless-stopped
env_file:
- .env
environment:
- REDIS_URL=${REDIS_URL:-redis://redis:6379}
- DATABASE_URL=${DATABASE_URL:-postgres://postgres:password@postgres:5432/scalelite?pool=5}
- SERVER_ID_IS_HOSTNAME=${SERVER_ID_IS_HOSTNAME-false}
- RAILS_LOG_TO_STDOUT=${RAILS_LOG_TO_STDOUT}
volumes:
- ./log/scalelite-poller/:/app/log
command: /bin/sh -c "bin/start-poller"
depends_on:
- postgres
- redis
- scalelite-api
logging:
driver: journald
scalelite-recording-importer:
image: ${SCALELITE_REPO:-blindsidenetwks}/scalelite:${SCALELITE_TAG:-v1}-recording-importer
image: ${SCALELITE_DOCKER_IMAGE:-blindsidenetwks/scalelite:v1.1}
container_name: scalelite-recording-importer
restart: unless-stopped
env_file:
- .env
environment:
- REDIS_URL=${REDIS_URL:-redis://redis:6379}
- DATABASE_URL=${DATABASE_URL:-postgres://postgres:password@postgres:5432/scalelite?pool=5}
- RECORDING_DISABLED=false
- RAILS_LOG_TO_STDOUT=${RAILS_LOG_TO_STDOUT}
volumes:
- ./log/scalelite-recording-importer/:/app/log
- ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}:/var/bigbluebutton
- ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}/spool:/var/bigbluebutton/spool
command: /bin/sh -c "bin/start-recording-importer"
depends_on:
- postgres
- redis
- scalelite-api
logging:
driver: journald

2
init-letsencrypt.sh
View File

@@ -13,7 +13,7 @@ fi
URL_HOST=$(grep URL_HOST .env | cut -d '=' -f2)
echo $URL_HOST
domains=($URL_HOST)
domains=($URL_HOST,redis.$URL_HOST)
rsa_key_size=4096
data_path="./data/certbot"
email="$LETSENCRYPT_EMAIL" # Adding a valid address is strongly recommended