Commit Graph

115 Commits

Author SHA1 Message Date
schrd
78a8ccdcb9
build: Umask fixes for 2.7 build scripts (#21366)
* Fix permissions during build of bbb-libreoffice-docker

The scripts must be executable by anyone. They are owned by root and
executed by user bigbluebutton.

* Fix permissions during build of bbb-html5

The files must be readable by mongodb. There are no secrets in the file,
so it is safe to be readable by anyone.

* Fix permissions during build of bbb-record-core

Files must be readable by user bigbluebutton.

* Fix more umask issues

Recording scripts were not executable in the builds

---------

Co-authored-by: Daniel Schreiber <daniel.schreiber@hrz.tu-chemnitz.de>
2024-10-11 08:48:52 -04:00
Daniel Schreiber
fc33fa599d Fix: File permissions in packages should not depend on umask of build system
If the build system for packages has a umask of `0077`, cloned
repositories will have no permissions for group and other. As the build
scripts for some packages just copy from clone git repos, this will
preserve the permissions in the package and prevent the following
services from startup:

* `bbb-html5`
* `etherpad`
* `bbb-pads`
* `bbb-export-annotations`
* `bbb-rap-*`

This patch grants everyone read permissions to the code in the packages.
2024-05-28 16:24:27 +02:00
Calvin Walton
9ecea0804e nginx config: Allow overriding the $scheme variable
The etherpad component's nginx configuration needs to know the request
scheme in order to set some variables that influence whether the
'Secure' flag is set on cookies. Right now it directly uses the $scheme
variable, but this variable does not get set to the expected value if
nginx is behind a reverse-proxy where the proxy handles TLS termination.

Adjust the etherpad nginx config to use a variable with a different name
$real_scheme, which can be set in the nginx server block to match the
configuration of the nginx listeners.

This variable is set to the value of $scheme in the default
/etc/sites-available/bigbluebutton file. The bbb-install.sh script will
be updated to set this variable in the configurations it writes.

People using other installation scripts will need to add this variable
to their nginx configuration file, or etherpad might not operate correctly.
2023-04-25 17:13:24 -04:00
Gustavo Trott
3afe19d199 Removes bbb-html5-conn-limit.conf from old path if exists 2023-02-22 09:07:44 -03:00
Gustavo Trott
7a740d2f50 Apply limit_conn only for location /html5client/sockjs 2023-02-21 15:17:32 -03:00
Gustavo Trott
110f49f886 Use template file to set conn limit config to nginx 2023-02-21 15:15:42 -03:00
Anton Georgiev
a7ae9971df
Merge pull request #15602 from prlanzarin/u26/build/sfu-prio
build: use FIFO scheduler in bbb-webrtc-sfu
2023-01-26 14:36:26 -05:00
Anton Georgiev
f2a9a4ed9d
build: copy tldraw fonts to be served in files/
Cont'd from https://github.com/bigbluebutton/bigbluebutton/pull/16443
2023-01-12 16:25:40 -05:00
Anton Georgiev
e3764153af build: copy tldraw fonts to be served in files/ 2023-01-10 21:49:03 +00:00
Ramón Souza
52e06ce326 copy tldraw fonts to public/files 2023-01-10 10:21:01 -03:00
Tainan Felipe
cbcab9517e
New nginx rules (#15977) 2022-11-09 17:17:50 -03:00
Ramón Souza
7ab6a247ae enable websocket compression in front-end servers 2022-10-04 10:45:44 -03:00
Ramón Souza
94b8827bff update number of default servers for bbb-html5 2022-09-28 10:27:59 -03:00
Ramón Souza
2b0971e2c8 Merge tag 'v2.5.6' into merge-256-26 2022-09-26 09:17:59 -03:00
Anton Georgiev
3530c5fc51 build: /lib vs /usr/lib closes #15553 2022-09-01 11:56:35 +00:00
prlanzarin
ef7b1fb3e5 build: use FIFO scheduler in bbb-webrtc-sfu
bbb-webrtc-sfu (and mediasoup) are running in the CFS scheduler which
means it has to compete with (much) lower priority tasks like
presentation conversion, recording processing, [...]
Since it encompasses an RTC application which also handles audio, it
should be _at least_ on the same scheduling policy as FS/bbb-html5 - and
that should be safer now  with mediasoup which has a lower footprint
(and generates lower CPU noise overall).

This commit puts bbb-webrtc-sfu in the FIFO scheduling policy (same as
bbb-html5). Also bumps bbb-html5 nice level up to 18 and sets SFU to
nice 19 (so bbb-html5 has some advantage when push comes to shove).

This can be improved further by using per-process priorities in SFU.
Ideally we'd want mediasoup audio workers and mcs-core to be the same
priority as FS (so higher than bbb-html5), but the rest of them
(video/screen workers) to be the same or lower than bbb-html5. For
future reference:
  - https://github.com/bigbluebutton/bbb-webrtc-sfu/commit/3e245122dfa155ecb77b536eeadac1e4607cee
  - 66d443d204
2022-08-26 14:08:24 +00:00
Ramón Souza
e6daad4e3d
Update build/packages-template/bbb-html5/build.sh
Co-authored-by: Anton Georgiev <antobinary@users.noreply.github.com>
2022-08-26 09:31:29 -03:00
Ramón Souza
a277049e55
Update build/packages-template/bbb-html5/build.sh
Co-authored-by: Anton Georgiev <antobinary@users.noreply.github.com>
2022-08-26 09:31:06 -03:00
Anton Georgiev
59e54c8030 build: replace globally v=VERSION for cache busting 2022-08-25 15:11:48 +00:00
Anton Georgiev
b677996410 Merge branch 'fix-font-preload' of github.com:ramonlsouza/bigbluebutton into test-css-version 2022-08-24 18:50:25 +00:00
Anton Georgiev
2d7ac73364
Merge branch 'v2.6.x-release' into default-nginx-config 2022-08-20 05:10:22 -04:00
Ramón Souza
4293a081c1 fix font preload 2022-08-18 13:39:47 -03:00
prlanzarin
83ddc621a8 fix(bbb-html5): serve compressed version of /compatibility files
Files are compressed on build, but gzip_static on isn't set on their
nginx route - so original files are being served, uncompressed.

This commit serves the previously compressed files instead (thus
reducing initial transfer size by ~1 MB).

Someone should look into whether serving compressed version of the rest
of assets makes sense - it probably does.
Still pending: fonts, locales, svgs, everything under resources, ...
2022-07-16 00:36:26 +00:00
Anton Georgiev
cef352b6de
Merge pull request #15392 from GuiLeme/fix-bbb-demo-removal
fix(config): Correction to nginx assets folder
2022-07-15 11:45:02 -04:00
GuiLeme
145d360553 [fix-bbb-demo-removal] - correction to nginx assets folder 2022-07-15 12:11:42 -03:00
Ramon Souza
db5ac1428a Merge tag 'v2.5.3' into merge25-26-jul14 2022-07-15 11:08:02 -03:00
Anton Georgiev
93865717b6 build: bbb-html5-nodejs to reduce size of bbb-html5 2022-07-12 16:25:37 +00:00
Anton Georgiev
7642fd67fe build: set bbb-export-presentations as a required package 2022-07-08 01:19:53 -04:00
Anton Georgiev
55dbc34984
Merge pull request #14616 from danimo/bbb-target
build: Introduce bigluebutton.target
2022-07-06 14:42:09 -04:00
Anton Georgiev
3cdfe2fc39 chore: update meteor 2.7.1 to 2.7.3 2022-07-05 13:19:08 +00:00
Daniel Molkentin
a7f43ba2b8 Merge remote-tracking branch 'origin/v2.6.x-release' into bbb-target 2022-06-27 17:03:01 +02:00
Daniel Schreiber
1a12514b61 Fix(build): add service dependency to redis for several services
* fix unit name: the unit name on Ubuntu is `redis-server.service`
* services which need a working redis require both After= and Wants=

See the description in the `systemd.unit` man page.
2022-05-29 22:31:03 +02:00
Fred Dixon
ef6eb21cce Minor refactoring of propagating new version 2022-05-15 13:58:25 -05:00
Anton Georgiev
fd5d3cbfac
Merge branch 'v2.5.x-release' into default-nginx-config 2022-05-13 10:23:38 -04:00
Ramon Souza
07f9a192b9 Merge remote-tracking branch 'upstream/v2.4.x-release' into merge-2425-apr27 2022-04-27 15:32:20 -03:00
Calvin Walton
09124ab06c packaging: Add dependencies on yq 3
yq package is now provided in the BigBlueButton support PPA for BBB 2.5,
so we can depend on the package now. Ensure the dependency is specific
to avoid an incompatible yq version 4 from being installed.
2022-04-25 15:04:38 -04:00
Ramon Souza
c96c47e551 update bbb-html5 build scripts for meteor 2.7.1 2022-04-25 13:11:12 -03:00
Daniel Schreiber
5d3b8cdc66 build: fix bbb-html5 nginx site config 2022-04-04 23:45:03 +02:00
Anton Georgiev
97dbc1aeb6
Merge branch 'v2.5.x-release' into bbb-target 2022-04-01 14:21:15 -04:00
Bohdan Zhemelinskyi
51032dd593 fix disable THP called too often 2022-04-01 14:43:48 +00:00
Anton Georgiev
fc688f2038 Merge branch 'meteor-261' of github.com:ramonlsouza/bigbluebutton into meteor-261 2022-03-29 20:27:26 +00:00
Anton Georgiev
6b4a7ff898 refactor: swap netstat with ss 2022-03-23 20:50:19 +00:00
Anton Georgiev
33a2dd566c build: do not delete .nginx file, it is removed on upgrade too 2022-03-18 19:02:46 +00:00
Daniel Molkentin
568756bf7e move systemd files to /lib/systemd/system 2022-03-17 13:03:15 +01:00
Daniel Molkentin
9f833a4760 Introduce bigbluebutton.target 2022-03-17 11:35:42 +01:00
Anton Georgiev
405d326ea7
Merge branch 'v2.5.x-release' into meteor-261 2022-03-16 11:55:31 -04:00
Anton Georgiev
c3242c8003 build: nginx from /usr/share/bigbluebutton/nginx 2022-03-15 02:01:37 +00:00
Anton Georgiev
4e6b0a608e refactor: store nginx files in /usr/share/bigbluebutton/nignx not /etc/bigbluebutton/nginx 2022-03-15 01:42:28 +00:00
Anton Georgiev
1f0b58a87e build: re-add sfu as a dependency to bbb-html5 2022-03-15 00:23:39 +00:00
Anton Georgiev
d5b1fe50a0 build: add mongodb-org as bbb-html5 dependency 2022-03-14 23:15:26 +00:00