From d5e973802bbb20ec621b3ab57fc95fa79c4dd784 Mon Sep 17 00:00:00 2001 From: jfederico Date: Mon, 17 Oct 2022 10:35:17 -0400 Subject: [PATCH] back-up of all changes --- .gitignore | 1 + README-dev.md | 46 ++++ README.md | 44 ++-- data/proxy/haproxy/haproxy.cfg | 10 + ...plate.scalelite-greenlight-local-protected | 153 ++++++++++++ docker-compose-dev-gl.yml | 219 ++++++++++++++++++ docker-compose-dev.yml | 7 + docker-compose-redis.yml | 15 ++ docker-compose-ssl.yml | 125 ++++++++++ docker-compose.yml | 1 - dotenv | 6 +- 11 files changed, 596 insertions(+), 31 deletions(-) create mode 100644 README-dev.md create mode 100644 data/proxy/haproxy/haproxy.cfg create mode 100644 data/proxy/nginx/sites.template.scalelite-greenlight-local-protected create mode 100644 docker-compose-dev-gl.yml create mode 100644 docker-compose-redis.yml create mode 100644 docker-compose-ssl.yml diff --git a/.gitignore b/.gitignore index 8f8ae61..fba8d37 100644 --- a/.gitignore +++ b/.gitignore @@ -10,6 +10,7 @@ !/data/proxy/ /data/redis/db/* !/data/redis/ +/data/postgres/* /tmp* diff --git a/README-dev.md b/README-dev.md new file mode 100644 index 0000000..5d55482 --- /dev/null +++ b/README-dev.md 
@@ -0,0 +1,46 @@
+- Install a BBB server
+- Add a BBB server
+
+# Setup recordings
+
+## Configuring the BBB server
+
+Init the bbb server as explained in the documentation
+
+Edit the `/home/bigbluebutton/.ssh/config` file
+
+1. make sure the configured domain points to your local machine as this user needs to ssh to it
+
+2. replace the default bigbluebutton with your own username (as you don't want to add bigbluebutton username to your local machine)
+
+Host scalelite-spool
+ HostName sl.jesus.blindside-dev.com
+ User
+ Port 22
+ IdentityFile /home/bigbluebutton/.ssh/id_rsa
+
+3. In your local machine, add the public key generated for the bigbluebutton user in the bbb machine into your own `~/.ssh/authorized_keys` file.
+
+4. ssh into your own computer using the config env_file
+ssh scalelite-spool
+
+5. Edit the variable that indicates where the files will be placed
+
+Edit `/usr/local/bigbluebutton/core/scripts/scalelite.yml`
+
+```
+# spool_dir: scalelite-spool:/var/bigbluebutton/spool ## original
+spool_dir: scalelite-spool:/home//spool ## adapted
+```
+
+Accept the key, this is done only once.
+
+## Final touches in your Local Machine
+
+1. Make sure your user has rights to write in the `/mnt/scalelite-recordings/var/bigbluebutton/spool/`
+
+sudo chown -R root. /mnt/scalelite-recordings/var/bigbluebutton/spool/
+
+2. Create a symbolic link to that spool directory
+
+ln -s /mnt/scalelite-recordings/var/bigbluebutton/spool/ /home/YOUR_USERNAME/spool
diff --git a/README.md b/README.md
index d02612b..8a8256c 100644
--- a/README.md
+++ b/README.md
@@ -1,24 +1,33 @@ # scalelite-run + A simple way to deploy Scalelite as for production using docker-compose. ## Overview + [Scalelite](https://github.com/blindsidenetworks/scalelite) is an open-source load balancer, designed specifically for [BigBlueButton](https://bigbluebutton.org/), that evenly spreads the meeting load over a pool of BigBlueButton servers. It makes the pool of BigBlueButton servers appear to a front-end application such as Moodle [2], as a single and yet very scalable BigBlueButton server. -It was released by [Blindside Networks](https://blindsidenetworks.com/) under the AGPL license on March 13, 2020, in response to the high demand of Universities looking into scaling BigBlueButton as a [result of the COVID-19 pandemic](https://campustechnology.com/articles/2020/03/03/coronavirus-pushes-online-learning-forward.aspx). +It was released by [Blindside Networks](https://blindsidenetworks.com/) under the AGPL license on March 13, 2020, in response to the high demand of Universities looking into scaling BigBlueButton in response to the [COVID-19 pandemic lock-downs](https://campustechnology.com/articles/2020/03/03/coronavirus-pushes-online-learning-forward.aspx). The full source code is available on GitHub and pre-built docker images can be found on [DockerHub](https://hub.docker.com/r/blindsidenetwks/scalelite). Scaleite itself is a ruby on rails application. -For its deployment it is required some experience with bigbluebutton and scalelite itself, and all the tools and components used as part of the stack such as redis, postgres, nginx, docker and docker-compose, as well as ubuntu and AWS infrastructure. +For its deployment it is required some experience with BigBlueButton and Scalelite itself, and all the tools and components used as part of the stack such as redis, postgres, nginx, docker and docker-compose, as well as ubuntu and AWS infrastructure. 
For those new to system administration or any of the components mentioned the article [Scalelite lazy deployment -](https://jffederico.medium.com/scalelite-lazy-deployment-745a7be849f6) is a step-vy-step guide on how to complete a full installation of Scalelite on AWS using this script. Also [Scalelite lazy deployment (Part II)](https://jffederico.medium.com/scalelite-lazy-deployment-part-ii-ca3e4bf82f8d) is a step-by-step guide to complete the installation with support for recordings. - +](https://jffederico.medium.com/scalelite-lazy-deployment-745a7be849f6) is a step-by-step guide on how to complete a full installation of Scalelite on AWS using this script. Also [Scalelite lazy deployment (Part II)](https://jffederico.medium.com/scalelite-lazy-deployment-part-ii-ca3e4bf82f8d) is a step-by-step guide to complete the installation with support for recordings. ## Installation (short version) -On an Ubuntu 20.04 machine (AWS EC2 instance, LXC container, VMWare machine etc). +On an Ubuntu 22.04 machine available to the Internet (AWS EC2 instance, LXC container, VMWare machine etc). + +### Prerequisites + +This machine needs to be updated and have installed: + +- Git +- [Docker](https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-22-04) +- [Docker Compose](https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-compose-on-ubuntu-22-04) ### Fetching the scripts @@ -28,6 +37,7 @@ cd scalelite-run ``` ### Initializing environment variables + Create a new .env file based on the dotenv file included. ``` @@ -40,13 +50,6 @@ Most required variables are pre-set by default, the ones that must be set before SECRET_KEY_BASE= LOADBALANCER_SECRET= URL_HOST= -NGINX_SSL= -``` - -Also, when using the `init-letsencrypt.sh` script, you should add the email. - -``` -LETSENCRYPT_EMAIL= ``` Obtain the value for SECRET_KEY_BASE and LOADBALANCER_SECRET with: 
@@ -56,23 +59,10 @@ sed -i "s/SECRET_KEY_BASE=.*/SECRET_KEY_BASE=$(openssl rand -hex 64)/" .env sed -i "s/LOADBALANCER_SECRET=.*/LOADBALANCER_SECRET=$(openssl rand -hex 24)/" .env ``` -Set the hostname on URL_HOST (E.g. scalelite.example.com) - -When using a SSL certificate set NGINX_SSL to true - -Your final .env file should look like this: +Set the hostname on URL_HOST (E.g. sl.example.com) ``` -SECRET_KEY_BASE=a7441a3548b9890a8f12b385854743f3101fd7fac9353f689fc4fa4f2df6cdcd1f58bdf6a02ca0d35a611b9063151d70986bad8123a73244abb2a11763847a45 -LOADBALANCER_SECRET=c2d3a8e27844d56060436f3129acd945d7531fe77e661716 -URL_HOST=scalelite.example.com -NGINX_SSL=true -``` - -For using a SSL certificate signed by Let’s Encrypt, generate the certificates. - -``` -./init-letsencrypt.sh +sed -i "s/URL_HOST=.*/URL_HOST=sl.example.com" .env ``` Start the services. diff --git a/data/proxy/haproxy/haproxy.cfg b/data/proxy/haproxy/haproxy.cfg new file mode 100644 index 0000000..833f6b9 --- /dev/null +++ b/data/proxy/haproxy/haproxy.cfg @@ -0,0 +1,10 @@ +global + daemon + maxconn 4096 +defaults + timeout connect 5000ms + timeout client 50000ms + timeout server 50000ms +frontend http-in + mode http + bind *:80 diff --git a/data/proxy/nginx/sites.template.scalelite-greenlight-local-protected b/data/proxy/nginx/sites.template.scalelite-greenlight-local-protected new file mode 100644 index 0000000..d28d200 --- /dev/null +++ b/data/proxy/nginx/sites.template.scalelite-greenlight-local-protected 
@@ -0,0 +1,153 @@
+#### For
+
+upstream docker-scalelite-api {
+ server sl.$NGINX_DOMAINNAME:3000;
+}
+
+upstream docker-scalelite-recordings {
+ server scalelite-recordings:80;
+}
+
+server {
+ server_name sl.$NGINX_DOMAINNAME;
+
+ listen 80;
+ listen [::]:80;
+
+ location /.well-known/acme-challenge/ {
+ root /var/www/certbot;
+ }
+
+ location / {
+ return 301 https://$host$request_uri;
+ }
+}
+
+server {
+ server_name sl.$NGINX_DOMAINNAME;
+
+ listen 443 ssl;
+ listen [::]:443 ssl;
+
+ ## Configuration for Letsencrypt SSL Certificate
+ ssl_certificate /etc/letsencrypt/live/sl.$NGINX_DOMAINNAME/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/sl.$NGINX_DOMAINNAME/privkey.pem;
+
+ ## Configuration for SSL Certificate from a CA other than LetsEncrypt
+ #ssl_certificate /etc/ssl/fullchain.pem;
+ #ssl_certificate_key /etc/ssl/privkey.pem;
+
+ location /health_check {
+ proxy_pass http://docker-scalelite-api;
+ include /etc/nginx/sites-common;
+ }
+
+ location /static-resource/ {
+ rewrite /static-resource(/|$)(.*) /$2 break;
+ proxy_pass http://docker-scalelite-recordings;
+ include /etc/nginx/sites-common;
+ internal;
+ }
+
+ location /playback {
+ proxy_pass http://docker-scalelite-recordings;
+ include /etc/nginx/sites-common;
+ }
+
+ location / {
+ proxy_pass http://docker-scalelite-api;
+ include /etc/nginx/sites-common;
+ }
+}
+
+#### For
+
+upstream docker-greenlight {
+ server gl.$NGINX_DOMAINNAME:3080;
+}
+
+server {
+ server_name gl.$NGINX_DOMAINNAME;
+
+ listen 80;
+ listen [::]:80;
+
+ location /.well-known/acme-challenge/ {
+ root /var/www/certbot;
+ }
+
+ location / {
+ return 301 https://$host$request_uri;
+ }
+}
+
+server {
+ server_name gl.$NGINX_DOMAINNAME *.gl.$NGINX_DOMAINNAME;
+
+ listen 443 ssl;
+ listen [::]:443 ssl;
+
+ ## Configuration for Letsencrypt SSL Certificate
+ ssl_certificate /etc/letsencrypt/live/gl.$NGINX_DOMAINNAME/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/gl.$NGINX_DOMAINNAME/privkey.pem;
+
+ ##
Configuration for SSL Certificate from a CA other than LetsEncrypt
+ #ssl_certificate /etc/ssl/fullchain.pem;
+ #ssl_certificate_key /etc/ssl/privkey.pem;
+
+ location /health_check {
+ proxy_pass http://docker-greenlight;
+ include /etc/nginx/sites-common;
+ }
+
+ location / {
+ proxy_pass http://docker-greenlight;
+ include /etc/nginx/sites-common;
+ }
+}
+
+#### For
+
+upstream docker-greenlight-launcher {
+ server gll.$NGINX_DOMAINNAME:3081;
+}
+
+server {
+ server_name gll.$NGINX_DOMAINNAME;
+
+ listen 80;
+ listen [::]:80;
+
+ location /.well-known/acme-challenge/ {
+ root /var/www/certbot;
+ }
+
+ location / {
+ return 301 https://$host$request_uri;
+ }
+}
+
+server {
+ server_name gll.$NGINX_DOMAINNAME;
+
+ listen 443 ssl;
+ listen [::]:443 ssl;
+
+ ## Configuration for Letsencrypt SSL Certificate
+ ssl_certificate /etc/letsencrypt/live/gll.$NGINX_DOMAINNAME/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/gll.$NGINX_DOMAINNAME/privkey.pem;
+
+ ## Configuration for SSL Certificate from a CA other than LetsEncrypt
+ #ssl_certificate /etc/ssl/fullchain.pem;
+ #ssl_certificate_key /etc/ssl/privkey.pem;
+
+ location /health_check {
+ proxy_pass http://docker-greenlight;
+ include /etc/nginx/sites-common;
+ }
+
+ location / {
+ proxy_pass http://docker-greenlight-launcher;
+ include /etc/nginx/sites-common;
+ }
+}
diff --git a/docker-compose-dev-gl.yml b/docker-compose-dev-gl.yml
new file mode 100644
index 0000000..6cee08b
--- /dev/null
+++ b/docker-compose-dev-gl.yml
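Review bot: In the `gll.$NGINX_DOMAINNAME` HTTPS server block, `location /health_check` proxies to `http://docker-greenlight` while `location /` in the same block uses `docker-greenlight-launcher`; this looks copied from the `gl` block, so the launcher's health check would report Greenlight's state instead of its own. It should read `proxy_pass http://docker-greenlight-launcher;`. The upstreams also point at ports 3080 and 3081, whereas docker-compose-dev-gl.yml in this same patch publishes `"3180:80"` and `"3181:3000"`, so one side presumably needs to change. No `ssl_protocols` or HSTS settings are visible in these server blocks; they may live in the included `sites-common`, which is not part of this patch, and are worth confirming there.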
@@ -0,0 +1,219 @@
+version: '3'
+
+volumes:
+ postgres-data-dev:
+ driver: local
+ driver_opts:
+ type: 'none'
+ o: 'bind'
+ device: '${DOCKER_VOL_POSTGRES_DATA}'
+ redis-data-dev:
+ driver: local
+ driver_opts:
+ type: 'none'
+ o: 'bind'
+ device: '${DOCKER_VOL_REDIS_DATA}'
+
+services:
+ postgres:
+ image: postgres:11-alpine
+ container_name: postgres
+ restart: unless-stopped
+ ports:
+ - "5432:5432"
+ environment:
+ - POSTGRES_USER=${POSTGRES_USER:-postgres}
+ - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-password}
+ volumes:
+ - postgres-data-dev:/var/lib/postgresql/data
+
+ redis:
+ image: redis:6.2-alpine
+ container_name: redis
+ restart: unless-stopped
+ ports:
+ - "6379:6379"
+ volumes:
+ - redis-data-dev:/data
+ - ./data/redis/conf/redis.conf:/usr/local/etc/redis/redis.conf
+ - ./data/certbot/conf/:/etc/letsencrypt
+# command: ["redis-server", "/usr/local/etc/redis/redis.conf"]
+ command: ["redis-server", "--appendonly", "yes"]
+
+ certbot:
+ image: certbot/certbot
+ container_name: certbot
+ volumes:
+ - ./log/certbot/:/var/log/letsencrypt
+ - ./data/certbot/conf/:/etc/letsencrypt
+ - ./data/certbot/www/:/var/www/certbot
+ entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
+
+ # scalelite-haproxy:
+ # image: haproxy:alpine
+ # container_name: scalelite-haproxy
+ # restart: always
+ # ports:
+ # - "80:80"
+ # - "443:443"
+ # volumes:
+ # - ./data/proxy/haproxy/:/usr/local/etc/haproxy
+ # networks:
+ # - default
+
+ nginx:
+ image: nginx:1.18
+# Custom nginx with amazonlinux
+# image: blindsidenetwks/nginx:amazonlinux
+ container_name: nginx
+ restart: unless-stopped
+ ports:
+ - "80:80"
+ - "443:443"
+ environment:
+ - NGINX_DOMAINNAME=${DOMAIN_NAME:-xlab.blindside-dev.com}
+ volumes:
+ - ./log/proxy-nginx/:/var/log/nginx
+ - ./data/proxy/nginx/sites.template.${DOCKER_PROXY_NGINX_TEMPLATE:-scalelite-proxy}:/etc/nginx/sites.template
+ - ./data/proxy/nginx/sites-common:/etc/nginx/sites-common
+ -
./data/certbot/conf/:/etc/letsencrypt
+ - ./data/certbot/www/:/var/www/certbot
+ depends_on:
+ - certbot
+ - scalelite-api
+ - scalelite-recordings
+ - greenlight
+ - greenlight-launcher
+ command: /bin/bash -c "envsubst '$$NGINX_DOMAINNAME' < /etc/nginx/sites.template > /etc/nginx/conf.d/default.conf && exec nginx -g 'daemon off;'"
+
+ scalelite-recordings:
+ image: ${SCALELITE_RECORDINGS_DOCKER_IMAGE:-bigbluebutton/bbb-playback-proxy:bionic-240-alpine}
+ container_name: scalelite-recordings
+ restart: unless-stopped
+ volumes:
+ - ./log/recordings/:/var/log/nginx
+ - ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}/published:/var/bigbluebutton/published
+ depends_on:
+ - scalelite-api
+
+ scalelite-api:
+ image: ${SCALELITE_DOCKER_IMAGE:-blindsidenetwks/scalelite:v1.1}
+ container_name: scalelite-api
+ restart: unless-stopped
+ env_file:
+ - .env
+ environment:
+ - REDIS_URL=${REDIS_URL:-redis://redis:6379}
+ - DATABASE_URL=${DATABASE_URL:-postgres://postgres:password@postgres:5432/scalelite?pool=5}
+ - RECORDING_DISABLED=${RECORDING_DISABLED-false}
+ - SERVER_ID_IS_HOSTNAME=${SERVER_ID_IS_HOSTNAME-false}
+ - PROTECTED_RECORDINGS_ENABLED=${PROTECTED_RECORDINGS_ENABLED-false}
+ - RAILS_LOG_TO_STDOUT=${RAILS_LOG_TO_STDOUT}
+ volumes:
+ - ./log/scalelite-api/:/srv/scalelite/log/
+ - ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}:/var/bigbluebutton
+ depends_on:
+ - postgres
+ - redis
+ logging:
+ driver: journald
+
+ scalelite-poller:
+ image: ${SCALELITE_DOCKER_IMAGE:-blindsidenetwks/scalelite:v1.1}
+ container_name: scalelite-poller
+ restart: unless-stopped
+ env_file:
+ - .env
+ environment:
+ - REDIS_URL=${REDIS_URL:-redis://redis:6379}
+ - SERVER_ID_IS_HOSTNAME=${SERVER_ID_IS_HOSTNAME-false}
+ - RAILS_LOG_TO_STDOUT=${RAILS_LOG_TO_STDOUT}
+ volumes:
+ - ./log/scalelite-poller/:/app/log
+ command: /bin/sh -c "bin/start-poller"
+ depends_on:
+ - scalelite-api
+ logging:
+ driver: journald
+
+
scalelite-recording-importer:
+ image: ${SCALELITE_DOCKER_IMAGE:-blindsidenetwks/scalelite:v1.1}
+ container_name: scalelite-recording-importer
+ restart: unless-stopped
+ env_file:
+ - .env
+ environment:
+ - DATABASE_URL=${DATABASE_URL:-postgres://postgres:password@postgres:5432/scalelite?pool=5}
+ - RECORDING_DISABLED=false
+ - PROTECTED_RECORDINGS_ENABLED=${PROTECTED_RECORDINGS_ENABLED-false}
+ - RAILS_LOG_TO_STDOUT=${RAILS_LOG_TO_STDOUT}
+ volumes:
+ - ./log/scalelite-recording-importer/:/app/log
+ - ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}:/var/bigbluebutton
+ - ${SCALELITE_RECORDING_DIR-/mnt/scalelite-recordings/var/bigbluebutton}/spool:/var/bigbluebutton/spool
+ command: /bin/sh -c "bin/start-recording-importer"
+ depends_on:
+ - postgres
+ - redis
+ - scalelite-api
+ logging:
+ driver: journald
+
+ greenlight:
+ entrypoint: [bin/start]
+ image: ${GREENLIGHT_DOCKER_IMAGE:-bigbluebutton/greenlight:latest}
+ container_name: greenlight
+ restart: unless-stopped
+ ports:
+ - "3180:80"
+ links:
+ - postgres
+ # volumes:
+ # - greenlight:/usr/src/app
+ logging:
+ driver: journald
+ env_file: ./data/greenlight/.env
+ environment:
+ - DOMAINNAME=${DOMAIN_SUB:-xlab}.${DOMAIN_ROOT:-blindside-dev.com}
+ - DATABASE_URL = postgresql://postgres:password@postgres:5432/greenlight_production
+ - DB_ADAPTER=postgresql
+ - DB_HOST=postgres
+ - DB_PORT=5432
+ - DB_NAME=greenlight_production
+ - DB_USERNAME=postgres
+ - DB_PASSWORD=password
+ - BN_LAUNCHER_REDIRECT_URI=https://gll.${DOMAIN_NAME:-xlab.blindside-dev.com}
+ - GL_CALLBACK_URL=https://gl.${DOMAIN_NAME:-xlab.blindside-dev.com}
+ - GREENLIGHT_SESSION_DOMAIN=${DOMAIN_NAME:-xlab.blindside-dev.com}
+# - LOADBALANCER_ENDPOINT=https://lb5.${DOMAIN_SUB:-xlab}.${DOMAIN_ROOT:-blindside-dev.com}/loadbalancer/
+# - RAILS_LOG_REMOTE_NAME=udp://logs.${DOMAIN_SUB:-xlab}.${DOMAIN_ROOT:-blindside-dev.com}:1514
+# - RAILS_LOG_REMOTE_TAG=gl.${DOMAIN_SUB:-xlab}.${DOMAIN_ROOT:-blindside-dev.com}.com
+# -
REDIS_URL=redis://redis.${DOMAIN_SUB:-xlab}.${DOMAIN_ROOT:-blindside-dev.com}:6379 +# - SMTP_DOMAIN=${DOMAIN_ROOT:-blindside-dev.com} +# - SMTP_SENDER=no-reply@${DOMAIN_ROOT:-blindside-dev.com} +# - SMTP_SERVER=smtp.${DOMAIN_SUB:-xlab}.${DOMAIN_ROOT:-blindside-dev.com} +# - URL_HOST=gl.${DOMAIN_SUB:-xlab}.${DOMAIN_ROOT:-blindside-dev.com} + + greenlight-launcher: + entrypoint: [bin/start] + image: ${GREENLIGHT_LAUNCHER_DOCKER_IMAGE:-blindsidenetwks/greenlight-launcher:latest} + container_name: launcher + restart: unless-stopped + ports: + - "3181:3000" + links: + - postgres + logging: + driver: journald + env_file: ./data/greenlight-launcher/.env + environment: + - DOMAINNAME=${DOMAIN_NAME:-xlab.blindside-dev.com} + - DB_ADAPTER=postgresql + - DB_HOST=postgres + - DB_NAME=greenlight_launcher_production + - DB_USERNAME=postgres + - DB_PASSWORD=password + - GL_CALLBACK_URL=https://gl.${DOMAIN_NAME:-xlab.blindside-dev.com} + - GREENLIGHT_HOST=https://gl.${DOMAIN_NAME:-xlab.blindside-dev.com} + - LAUNCHER_HOST=https://gll.${DOMAIN_NAME:-xlab.blindside-dev.com} + # - LOADBALANCER_ENDPOINT=https://lb5.${DOMAIN_NAME:-xlab.blindside-dev.com}/loadbalancer/ diff --git a/docker-compose-dev.yml b/docker-compose-dev.yml index 06a73f8..e9e16d1 100644 --- a/docker-compose-dev.yml +++ b/docker-compose-dev.yml @@ -130,6 +130,7 @@ services: command: /bin/sh -c "bin/start-poller" depends_on: - scalelite-api + - redis logging: driver: journald @@ -155,3 +156,9 @@ services: - scalelite-api logging: driver: journald + + ubuntu: + image: ubuntu:22.04 + container_name: ubuntu + restart: unless-stopped + command: ["sleep","infinity"] diff --git a/docker-compose-redis.yml b/docker-compose-redis.yml new file mode 100644 index 0000000..2a8f74e --- /dev/null +++ b/docker-compose-redis.yml 
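Review bot: The `postgres` and `redis` services in docker-compose-dev-gl.yml publish `"5432:5432"` and `"6379:6379"` on every host interface, while Postgres falls back to the password `password` and Redis is started with only `--appendonly yes` (the line that loads redis.conf is commented out), so no Redis authentication is configured in this file. The README in this patch describes the target host as available to the Internet; if this file is run on such a host, binding to loopback with `- "127.0.0.1:5432:5432"` and `- "127.0.0.1:6379:6379"`, or dropping the `ports:` entries, keeps both stores reachable from the other containers without exposing them. Separately, in the `greenlight` service `- DATABASE_URL = postgresql://...` has spaces around `=`, which would define a variable whose name ends in a space or be rejected outright; it should read `- DATABASE_URL=postgresql://postgres:password@postgres:5432/greenlight_production`. The `greenlight` and `greenlight-launcher` images also default to `:latest`, so what gets deployed is not reproducible from this file.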
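Review bot: The new `ubuntu` service added at the end of docker-compose-dev.yml has no comment saying what it is for; as written it is an idle `sleep infinity` container with `restart: unless-stopped` that comes up with the rest of the stack. If it is a debugging shell, a comment above it such as `# debugging shell on the compose network; not needed to run Scalelite` would say so and make it clear it should not be carried into a deployment file. The `services:` mapping it belongs to starts outside the hunk.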
@@ -0,0 +1,15 @@
+version: '3'
+
+volumes:
+ redis-data:
+
+services:
+ redis:
+ image: redis:6.2
+ container_name: redis
+ restart: unless-stopped
+ volumes:
+ - redis-data:/data
+ - ./data/redis/conf/redis.conf.template:/usr/local/etc/redis/redis.conf.template
+ - ./data/certbot/conf/:/etc/letsencrypt
+ command: /bin/sh -c "sed -e 's/$$HOSTNAME/redis.${DOMAIN_NAME:-xlab.blindside-dev.com}/' /usr/local/etc/redis/redis.conf.template > /usr/local/etc/redis/redis.conf && exec redis-server --appendonly yes"
diff --git a/docker-compose-ssl.yml b/docker-compose-ssl.yml
new file mode 100644
index 0000000..4407083
--- /dev/null
+++ b/docker-compose-ssl.yml
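Review bot: The `command` of the `redis` service renders `/usr/local/etc/redis/redis.conf` with `sed` but then runs `exec redis-server --appendonly yes`, which never loads that file, so whatever the template configures is silently not applied and Redis runs with its built-in defaults. The `/etc/letsencrypt` mount suggests the template carries TLS settings (and possibly authentication), though the template itself is not in this patch. Passing the rendered file as the first argument fixes it: `... > /usr/local/etc/redis/redis.conf && exec redis-server /usr/local/etc/redis/redis.conf --appendonly yes`. The `redis` service in docker-compose-ssl.yml in this patch has the identical command and needs the same change.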
@@ -0,0 +1,125 @@
+version: '3'
+
+volumes:
+ postgres-data:
+ redis-data:
+
+services:
+ postgres:
+ image: postgres:11-alpine
+ container_name: postgres
+ restart: unless-stopped
+ environment:
+ - POSTGRES_USER=${POSTGRES_USER:-postgres}
+ - POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-password}
+ volumes:
+ - postgres-data:/var/lib/postgresql/data
+
+ redis:
+ image: redis:6.2-alpine
+ container_name: redis
+ restart: unless-stopped
+ volumes:
+ - redis-data:/data
+ - ./data/redis/conf/redis.conf.template:/usr/local/etc/redis/redis.conf.template
+ - ./data/certbot/conf/:/etc/letsencrypt
+ command: /bin/sh -c "sed -e 's/$$HOSTNAME/redis.${DOMAIN_NAME:-xlab.blindside-dev.com}/' /usr/local/etc/redis/redis.conf.template > /usr/local/etc/redis/redis.conf && exec redis-server --appendonly yes"
+
+ certbot:
+ image: certbot/certbot:v1.11.0
+ container_name: certbot
+ volumes:
+ - ./log/certbot/:/var/log/letsencrypt
+ - ./data/certbot/conf/:/etc/letsencrypt
+ - ./data/certbot/www/:/var/www/certbot
+ entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
+
+ scalelite-proxy:
+ image: nginx:1.18
+ container_name: scalelite-proxy
+ restart: unless-stopped
+ ports:
+ - "80:80"
+ - "443:443"
+ environment:
+ - NGINX_HOSTNAME=${URL_HOST:-sl.xlab.blindside-dev.com}
+ volumes:
+ - ./log/proxy-nginx/:/var/log/nginx
+ - ./data/proxy/nginx/sites.template.${DOCKER_PROXY_NGINX_TEMPLATE:-scalelite-proxy}:/etc/nginx/sites.template
+ - ./data/proxy/nginx/sites-common:/etc/nginx/sites-common
+ - ./data/certbot/conf/:/etc/letsencrypt
+ - ./data/certbot/www/:/var/www/certbot
+ depends_on:
+ - certbot
+ - scalelite-api
+ - scalelite-recordings
+ command: /bin/bash -c "envsubst '$$NGINX_HOSTNAME' < /etc/nginx/sites.template > /etc/nginx/conf.d/default.conf && while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g 'daemon off;'"
+
+ scalelite-recordings:
+ image:
${SCALELITE_RECORDINGS_DOCKER_IMAGE:-bigbluebutton/bbb-playback-proxy:bionic-240-alpine}
+ container_name: scalelite-recordings
+ restart: unless-stopped
+ volumes:
+ - ./log/recordings/:/var/log/nginx
+ - ${SCALELITE_RECORDING_DIR:-/mnt/scalelite-recordings/var/bigbluebutton}/published:/var/bigbluebutton/published
+ depends_on:
+ - scalelite-api
+
+ scalelite-api:
+ image: ${SCALELITE_DOCKER_IMAGE:-blindsidenetwks/scalelite:v1.1}
+ container_name: scalelite-api
+ restart: unless-stopped
+ env_file:
+ - .env
+ environment:
+ - REDIS_URL=${REDIS_URL:-redis://redis:6379}
+ - DATABASE_URL=${DATABASE_URL:-postgres://postgres:password@postgres:5432/scalelite?pool=5}
+ - RECORDING_DISABLED=${RECORDING_DISABLED:-false}
+ - SERVER_ID_IS_HOSTNAME=${SERVER_ID_IS_HOSTNAME:-false}
+ - RAILS_LOG_TO_STDOUT=${RAILS_LOG_TO_STDOUT:-false}
+ volumes:
+ - ./log/scalelite-api/:/srv/scalelite/log/
+ - ${SCALELITE_RECORDING_DIR:-/mnt/scalelite-recordings/var/bigbluebutton}:/var/bigbluebutton
+ depends_on:
+ - postgres
+ - redis
+ logging:
+ driver: journald
+
+ scalelite-poller:
+ image: ${SCALELITE_DOCKER_IMAGE:-blindsidenetwks/scalelite:v1.1}
+ container_name: scalelite-poller
+ restart: unless-stopped
+ env_file:
+ - .env
+ environment:
+ - REDIS_URL=${REDIS_URL:-redis://redis:6379}
+ - SERVER_ID_IS_HOSTNAME=${SERVER_ID_IS_HOSTNAME:-false}
+ - RAILS_LOG_TO_STDOUT=${RAILS_LOG_TO_STDOUT:-false}
+ volumes:
+ - ./log/scalelite-poller/:/app/log
+ command: /bin/sh -c "bin/start-poller"
+ depends_on:
+ - scalelite-api
+ logging:
+ driver: journald
+
+ scalelite-recording-importer:
+ image: ${SCALELITE_DOCKER_IMAGE:-blindsidenetwks/scalelite:v1.1}
+ container_name: scalelite-recording-importer
+ restart: unless-stopped
+ env_file:
+ - .env
+ environment:
+ - DATABASE_URL=${DATABASE_URL:-postgres://postgres:password@postgres:5432/scalelite?pool=5}
+ - RECORDING_DISABLED=false
+ - RAILS_LOG_TO_STDOUT=${RAILS_LOG_TO_STDOUT:-false}
+ volumes:
+ - ./log/scalelite-recording-importer/:/app/log
+ -
${SCALELITE_RECORDING_DIR:-/mnt/scalelite-recordings/var/bigbluebutton}:/var/bigbluebutton + - ${SCALELITE_RECORDING_DIR:-/mnt/scalelite-recordings/var/bigbluebutton}/spool:/var/bigbluebutton/spool + command: /bin/sh -c "bin/start-recording-importer" + depends_on: + - scalelite-api + logging: + driver: journald diff --git a/docker-compose.yml b/docker-compose.yml index 1f376be..15169fa 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -55,7 +55,6 @@ services: - scalelite-recordings command: /bin/bash -c "envsubst '$$NGINX_HOSTNAME' < /etc/nginx/sites.template > /etc/nginx/conf.d/default.conf && while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g 'daemon off;'" - scalelite-recordings: image: ${SCALELITE_RECORDINGS_DOCKER_IMAGE:-bigbluebutton/bbb-playback-proxy:bionic-240-alpine} container_name: scalelite-recordings diff --git a/dotenv b/dotenv index 1d1a040..3e0e10e 100644 --- a/dotenv +++ b/dotenv @@ -1,6 +1,7 @@ ### Required by scalelite-api -# SECRET_KEY_BASE= -# LOADBALANCER_SECRET= +SECRET_KEY_BASE= +LOADBALANCER_SECRET= +URL_HOST= # ### Required by scalelite-api and scalelite-poller # REDIS_URL= @@ -12,7 +13,6 @@ ### Required by scalelite-nginx (only When using SSL) # NGINX_SSL=true # SCALELITE_NGINX_EXTRA_OPTS=--mount type=bind,source=/etc/letsencrypt,target=/etc/nginx/ssl,readonly -# URL_HOST= # ### Required when when specific repo or version (other than defaults) are needed (DEPRECATED) # SCALELITE_REPO=blindsidenetwks
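Review bot: In docker-compose-ssl.yml, `- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:-password}` in the `postgres` service, together with the `DATABASE_URL` fallbacks in `scalelite-api` and `scalelite-recording-importer`, lets the stack come up with a well-known database password whenever `.env` does not set one. Compose can refuse to start instead: `- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:?set POSTGRES_PASSWORD in .env}`, with `DATABASE_URL` made required the same way so the two cannot drift apart. The same fallbacks are in docker-compose-dev-gl.yml, where Postgres is additionally published on the host.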