diff --git a/bigbluebutton-html5/Dockerfile b/bigbluebutton-html5/Dockerfile index 8e4b24cb17..bb8d36b01f 100644 --- a/bigbluebutton-html5/Dockerfile +++ b/bigbluebutton-html5/Dockerfile @@ -18,7 +18,8 @@ USER meteor RUN cd /source \ && meteor npm install \ - && meteor build --directory /app + && meteor build --directory /app \ + && rm -r /source ENV NODE_ENV production diff --git a/bigbluebutton-html5/docker-entrypoint.sh b/bigbluebutton-html5/docker-entrypoint.sh index 576313a793..951269c881 100755 --- a/bigbluebutton-html5/docker-entrypoint.sh +++ b/bigbluebutton-html5/docker-entrypoint.sh @@ -1,5 +1,5 @@ #!/bin/bash -e -export METEOR_SETTINGS=` jq "${METEOR_SETTINGS_MODIFIER}" /source/private/config/settings-production.json ` +export METEOR_SETTINGS=` jq "${METEOR_SETTINGS_MODIFIER}" ./programs/server/assets/app/config/settings-production.json ` node main.js diff --git a/bigbluebutton-web/turn-stun-servers.xml.tmpl b/bigbluebutton-web/turn-stun-servers.xml.tmpl index 238ca04544..534aff2950 100644 --- a/bigbluebutton-web/turn-stun-servers.xml.tmpl +++ b/bigbluebutton-web/turn-stun-servers.xml.tmpl @@ -24,21 +24,27 @@ with BigBlueButton; if not, see . http://www.springframework.org/schema/beans/spring-beans-2.5.xsd "> + + + + - + - + - + + + diff --git a/labs/docker/coturn/turnserver.conf.tmpl b/labs/docker/coturn/turnserver.conf.tmpl index 209455fa3f..c9810fb822 100644 --- a/labs/docker/coturn/turnserver.conf.tmpl +++ b/labs/docker/coturn/turnserver.conf.tmpl @@ -1,16 +1,9 @@ listening-port={{ .Env.PORT }} -tls-listening-port={{ .Env.PORT_TLS}} min-port=49152 max-port=65535 fingerprint lt-cred-mech realm={{ .Env.SERVER_DOMAIN }} -cert={{ .Env.SSL_CERT_PATH }} -pkey={{ .Env.SSL_KEY_PATH }} -cipher-list="ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS:!AES256" -dh-file={{ .Env.SSL_DHPARAM_PATH }} -no-tlsv1 -no-tlsv1_1 external-ip={{ .Env.EXTERNAL_IP }} {{ if isTrue .Env.ENABLE_REST_API }} diff --git a/labs/docker/docker-compose.yml b/labs/docker/docker-compose.yml index be9b3cbc46..2bd8abbc75 100644 --- a/labs/docker/docker-compose.yml +++ b/labs/docker/docker-compose.yml @@ -64,22 +64,15 @@ services: coturn: image: ${TAG_PREFIX}bbb-coturn${TAG_SUFFIX} restart: unless-stopped - volumes: - - ssl-conf:/etc/nginx/ssl environment: - SERVER_DOMAIN: ${SERVER_DOMAIN} - SSL_CERT_PATH: /etc/nginx/ssl/live/${SERVER_DOMAIN}/fullchain.pem - SSL_KEY_PATH: /etc/nginx/ssl/live/${SERVER_DOMAIN}/privkey.pem - SSL_DHPARAM_PATH: /etc/nginx/ssl/dhp-2048.pem + TURN_DOMAIN: ${SERVER_DOMAIN} SECRET: ${COTURN_REST_SECRET} EXTERNAL_IP: ${EXTERNAL_IP} ENABLE_REST_API: 1 PORT: 3478 - PORT_TLS: 5349 ports: - 3478:3478/udp - 3478:3478/tcp - - 5349:5349/tcp kurento: image: ${TAG_PREFIX}bbb-kurento${TAG_SUFFIX} @@ -119,6 +112,7 @@ services: environment: SERVER_DOMAIN: ${SERVER_DOMAIN} SHARED_SECRET: ${SHARED_SECRET} + TURN_DOMAIN: ${SERVER_DOMAIN} TURN_SECRET: ${COTURN_REST_SECRET} labels: - "traefik.backend=bbb-web" @@ -143,12 +137,26 @@ services: - 80:80 - 8080:8080 - 443:443 - command: traefik --docker --defaultentrypoints=http + command: traefik + - --docker + - --logLevel=INFO + - --acme + - --acme.httpchallenge + - --acme.httpchallenge.entrypoint=http + - --acme.acmelogging + - --acme.storage=/etc/traefik/acme/acme.json + - --acme.email=felipe@mconf.com + - --acme.entrypoint=https + - --acme.domains=${SERVER_DOMAIN} + - --defaultentrypoints=http,https + - --entryPoints='Name:http Address::80 Redirect.EntryPoint:https' + - --entryPoints='Name:https Address::443 TLS' volumes: + - traefik-acme:/etc/traefik/acme/ - /var/run/docker.sock:/var/run/docker.sock volumes: - ssl-conf: + traefik-acme: static: bigbluebutton: media-audio: