diff --git a/DOCKER.md b/DOCKER.md
index 533a42127fc86a24cc5fd606b23383df444894cb..055e979af06bb9645d7fa90c45f1cd09c35dbe82 100644
--- a/DOCKER.md
+++ b/DOCKER.md
@@ -1,45 +1,61 @@
## BUILD
```
mconf@docker-bbb:~/bigbluebutton/bigbluebutton-html5$ docker build -t bbb-html5 .
-mconf@docker-bbb:~/bigbluebutton$ docker build -f sbt.dockerfile -t 'sbt:0.13.8' .
+mconf@docker-bbb:~/bigbluebutton/labs/docker/sbt$ docker build -t 'sbt:0.13.8' .
+mconf@docker-bbb:~/bigbluebutton/bbb-common-message$ docker build -t 'bbb-common-message' --build-arg COMMON_VERSION=0.0.1-SNAPSHOT .
mconf@docker-bbb:~/bigbluebutton$ docker build -f akka-bbb-apps/Dockerfile -t bbb-apps-akka --build-arg COMMON_VERSION=0.0.1-SNAPSHOT .
mconf@docker-bbb:~/bigbluebutton$ docker build -f akka-bbb-transcode/Dockerfile -t bbb-transcode --build-arg COMMON_VERSION=0.0.1-SNAPSHOT .
-mconf@docker-bbb:~/bigbluebutton$ docker build -f bigbluebutton-web/Dockerfile -t bbb-web --build-arg COMMON_VERSION=0.0.1-SNAPSHOT --build-arg SBT_VERSION=0.13.8 .
+mconf@docker-bbb:~/bigbluebutton$ docker build -f bigbluebutton-web/Dockerfile -t bbb-web --build-arg COMMON_VERSION=0.0.1-SNAPSHOT .
mconf@docker-bbb:~/bigbluebutton$ docker build -f freeswitch.dockerfile -t bbb-freeswitch .
mconf@docker-bbb:~/bigbluebutton$ docker build -f akka-bbb-fsesl/Dockerfile -t bbb-fsesl-akka --build-arg COMMON_VERSION=0.0.1-SNAPSHOT .
mconf@docker-bbb:~/bigbluebutton$ docker build -f libreoffice.dockerfile -t libreoffice .
mconf@docker-bbb:~/bigbluebutton/labs/bbb-webrtc-sfu$ docker build -t bbb-webrtc-sfu .
+mconf@docker-bbb:~/bigbluebutton/bbb-webhooks$ docker build -t bbb-webhooks .
```
## RUN
```
-docker run --name mongo -d mongo:3.4
-docker run --name redis -d redis
-docker run --name kurento -d kurento/kurento-media-server:6.6.3
-docker run --name bbb-html5 -p 3000:3000 --link mongo --link redis -e MONGO_URL=mongodb://mongo/bbbhtml5 -e METEOR_SETTINGS="$(cat private/config/settings-production.json)" -d bbb-html5
-docker run --name bbb-webhooks -p 3005:3005 --link redis -d bbb-webhooks
-docker run --name bbb-apps-akka --link redis -d bbb-apps-akka
-docker run --name bbb-transcode --link redis -d bbb-transcode
-docker run --name bbb-web -p 8080:8080 --link redis -d bbb-web
-docker run --name bbb-freeswitch -d bbb-freeswitch
-docker run --name bbb-fsesl-akka --link redis --link bbb-freeswitch -d bbb-fsesl-akka
-docker run --name libreoffice -p 8100:8100 -d libreoffice
-docker run --name bbb-webrtc-sfu -p 3008:3008 -e KURENTO_IP=172.17.0.12 --link redis -d bbb-webrtc-sfu
+docker run --rm --name haveged --privileged -d harbur/haveged
+docker run --rm --name mongo -d mongo:3.4
+docker run --rm --name redis -d redis
+docker run --rm --name kurento -d kurento/kurento-media-server
+docker run --rm --name bbb-html5 -p 3000:3000 --link mongo --link redis -e MONGO_URL=mongodb://mongo/bbbhtml5 -e METEOR_SETTINGS="$(cat private/config/settings-production.json)" -e REDIS_HOST=redis -d bbb-html5
+docker run --rm --name bbb-webhooks -p 3005:3005 --link redis -e REDIS_HOST=redis -d bbb-webhooks
+docker run --rm --name bbb-apps-akka --link redis -e REDIS_HOST=redis -d bbb-apps-akka
+docker run --rm --name bbb-transcode --link redis -e REDIS_HOST=redis -d bbb-transcode
+# docker run --rm --name bbb-web -p 8080:8080 --link redis -e REDIS_HOST=redis -e BIGBLUEBUTTON_WEB_SERVERURL=https://felipe-docker.mconf.com -e JAVA_OPTS="-Djava.security.egd=file:/dev/./urandom" -d bbb-web
+# docker run --rm --name bbb-web -p 8080:8080 --link redis -e REDIS_HOST=redis -e BIGBLUEBUTTON_WEB_SERVERURL=https://felipe-docker.mconf.com -d bbb-web
+docker run --rm --name bbb-web -p 8080:8080 --link redis -e REDIS_HOST=redis -e SERVER_URL=https://felipe-docker.mconf.com -d bbb-web
+
+docker run --rm --name bbb-freeswitch -d bbb-freeswitch
+docker run --rm --name bbb-fsesl-akka --link redis --link bbb-freeswitch -e REDIS_HOST=redis -e ESL_HOST=freeswitch -d bbb-fsesl-akka
+docker run --rm --name libreoffice -p 8100:8100 -d libreoffice
+docker run --rm --name bbb-webrtc-sfu -p 3008:3008 --link redis --link kurento --link bbb-transcode -e KURENTO_IP=206.189.162.193 -e KURENTO_URL=http://kurento:8888/kurento -e TRANSCODE_IP=bbb-transcode -e REDIS_HOST=redis -d bbb-webrtc-sfu
+
+docker run --rm --name certbot -p 80:80 -v ~/certs:/etc/letsencrypt -it certbot/certbot certonly --non-interactive --register-unsafely-without-email --agree-tos --expand --domain felipe-docker.mconf.com --webroot -w /var/www/bigbluebutton-default/
+docker run --rm --name certbot -p 80:80 -v ~/certs:/etc/letsencrypt -it certbot/certbot certonly --non-interactive --register-unsafely-without-email --agree-tos --expand --domain felipe-docker.mconf.com --standalone
+
+openssl dhparam -out /root/dhp-2048.pem 2048
+
+docker run --rm --name nginx --link bbb-webhooks --link bbb-web --link bbb-html5 --link bbb-webrtc-sfu -p 80:80 -p 443:443 -v ~/certs:/etc/letsencrypt -v $(pwd)/dhp-2048.pem:/etc/nginx/ssl/dhp-2048.pem -v $(pwd)/nginx.conf:/etc/nginx/nginx.conf -it nginx
+
+docker exec -ti bbb-web cat webapps/bigbluebutton/WEB-INF/classes/bigbluebutton.properties | grep '^securitySalt=' | cut -d'=' -f2
+docker exec -ti redis redis-cli monitor
```
## TODO
- reboot libreoffice in case of failure
-- connect bbb-common-web to libreoffice running in a different container (decouple bbb-web from libreoffice)
+- connect bbb-common-web to libreoffice running in a different container (decouple bbb-web from libreoffice); remove libreoffice from bbb-web image
- configure ip on freeswitch
- configure to connect to redis:
- - akka-bbb-apps/src/main/resources/application.conf
+ v akka-bbb-apps/src/main/resources/application.conf
- akka-bbb-fsesl/src/main/resources/application.conf
- - akka-bbb-transcode/src/main/resources/application.conf
- - bbb-webhooks/config_local.coffee.example
- - bigbluebutton-html5/private/config/settings-production.json
- - bigbluebutton-web/grails-app/conf/application.conf
- - bigbluebutton-web/grails-app/conf/bigbluebutton.properties
- - labs/bbb-webrtc-sfu/config/default.example.yml
+ v akka-bbb-transcode/src/main/resources/application.conf
+ v bbb-webhooks/config_local.coffee.example
+ v bigbluebutton-html5/private/config/settings-production.json
+ v bigbluebutton-web/grails-app/conf/application.conf
+ v bigbluebutton-web/grails-app/conf/bigbluebutton.properties
+ v labs/bbb-webrtc-sfu/config/default.example.yml
- set log filename on bigbluebutton-html5/private/config/settings-production.json to /dev/stdout
- set freeswitch esl host on akka-bbb-fsesl/src/main/resources/application.conf to bbb-freeswitch
- set server URL and secret on bigbluebutton-web/grails-app/conf/bigbluebutton.properties
@@ -50,4 +66,6 @@ docker run --name bbb-webrtc-sfu -p 3008:3008 -e KURENTO_IP=172.17.0.12 --link r
- reverse proxy using traefik
- docker composer
- UDP ports
-
+- generate dhparam
+- configure kurento public IP on bbb-webrtc-sfu
+- use config library to load the process.env automatically as it is on bbb-webrtc-sfu
diff --git a/akka-bbb-apps/src/main/scala/org/bigbluebutton/SystemConfiguration.scala b/akka-bbb-apps/src/main/scala/org/bigbluebutton/SystemConfiguration.scala
index 6421ad2ce6d3be6798229c6b872ee892243b6fa3..375a0f34a4b52cf0f35b57f886f800b2a5d00b8a 100755
--- a/akka-bbb-apps/src/main/scala/org/bigbluebutton/SystemConfiguration.scala
+++ b/akka-bbb-apps/src/main/scala/org/bigbluebutton/SystemConfiguration.scala
@@ -2,12 +2,13 @@ package org.bigbluebutton
import com.typesafe.config.ConfigFactory
import scala.util.Try
+import scala.util.Properties
trait SystemConfiguration {
val config = ConfigFactory.load()
- lazy val redisHost = Try(config.getString("redis.host")).getOrElse("127.0.0.1")
+ lazy val redisHost = Try(Properties.envOrElse("REDIS_HOST", config.getString("redis.host"))).getOrElse("127.0.0.1")
lazy val redisPort = Try(config.getInt("redis.port")).getOrElse(6379)
lazy val redisPassword = Try(config.getString("redis.password")).getOrElse("")
lazy val httpInterface = Try(config.getString("http.interface")).getOrElse("")
diff --git a/akka-bbb-fsesl/src/main/scala/org/bigbluebutton/SystemConfiguration.scala b/akka-bbb-fsesl/src/main/scala/org/bigbluebutton/SystemConfiguration.scala
index c9c776a410d714d2e28627a173e97a075500050e..d1159ad76ac350049574d5e4b68e2753c228cd83 100755
--- a/akka-bbb-fsesl/src/main/scala/org/bigbluebutton/SystemConfiguration.scala
+++ b/akka-bbb-fsesl/src/main/scala/org/bigbluebutton/SystemConfiguration.scala
@@ -2,17 +2,18 @@ package org.bigbluebutton
import com.typesafe.config.ConfigFactory
import scala.util.Try
-
+import scala.util.Properties
+
trait SystemConfiguration {
val config = ConfigFactory.load()
- lazy val eslHost = Try(config.getString("freeswitch.esl.host")).getOrElse("127.0.0.1")
+ lazy val eslHost = Try(Properties.envOrElse("ESL_HOST", config.getString("freeswitch.esl.host"))).getOrElse("127.0.0.1")
lazy val eslPort = Try(config.getInt("freeswitch.esl.port")).getOrElse(8021)
lazy val eslPassword = Try(config.getString("freeswitch.esl.password")).getOrElse("ClueCon")
lazy val fsProfile = Try(config.getString("freeswitch.conf.profile")).getOrElse("cdquality")
- lazy val redisHost = Try(config.getString("redis.host")).getOrElse("127.0.0.1")
+ lazy val redisHost = Try(Properties.envOrElse("REDIS_HOST", config.getString("redis.host"))).getOrElse("127.0.0.1")
lazy val redisPort = Try(config.getInt("redis.port")).getOrElse(6379)
lazy val redisPassword = Try(config.getString("redis.password")).getOrElse("")
diff --git a/akka-bbb-transcode/src/main/scala/org/bigbluebutton/SystemConfiguration.scala b/akka-bbb-transcode/src/main/scala/org/bigbluebutton/SystemConfiguration.scala
index 47eda79c6466655e2d13a1391968c19a169a507e..bd39f3f7ef8d3b93fad7add7eeff8acda79b1f93 100644
--- a/akka-bbb-transcode/src/main/scala/org/bigbluebutton/SystemConfiguration.scala
+++ b/akka-bbb-transcode/src/main/scala/org/bigbluebutton/SystemConfiguration.scala
@@ -2,12 +2,13 @@ package org.bigbluebutton
import com.typesafe.config.ConfigFactory
import scala.util.Try
+import scala.util.Properties
trait SystemConfiguration {
val config = ConfigFactory.load()
- lazy val redisHost = Try(config.getString("redis.host")).getOrElse("127.0.0.1")
+ lazy val redisHost = Try(Properties.envOrElse("REDIS_HOST", config.getString("redis.host"))).getOrElse("127.0.0.1")
lazy val redisPort = Try(config.getInt("redis.port")).getOrElse(6379)
lazy val redisPassword = Try(config.getString("redis.password")).getOrElse("")
diff --git a/bbb-common-message/Dockerfile b/bbb-common-message/Dockerfile
new file mode 100644
index 0000000000000000000000000000000000000000..223159915350214fdaf6c9f9493bf52c6f7e9580
--- /dev/null
+++ b/bbb-common-message/Dockerfile
@@ -0,0 +1,13 @@
+FROM sbt:0.13.8
+
+ARG COMMON_VERSION
+
+COPY . /bbb-common-message
+
+RUN cd /bbb-common-message \
+ && sed -i "s|\(version := \)\".*|\1\"$COMMON_VERSION\"|g" build.sbt \
+ && echo 'publishTo := Some(Resolver.file("file", new File(Path.userHome.absolutePath+"/.m2/repository")))' | tee -a build.sbt \
+ && sbt compile \
+ && sbt publish \
+ && sbt publishLocal
+
diff --git a/bbb-common-web/Dockerfile b/bbb-common-web/Dockerfile
new file mode 100644
index 0000000000000000000000000000000000000000..c6b0c4b9ffd6869f7b0c16eaf0a3e5da4fc4556d
--- /dev/null
+++ b/bbb-common-web/Dockerfile
@@ -0,0 +1,14 @@
+FROM bbb-common-message
+
+ARG COMMON_VERSION
+
+COPY . /bbb-common-web
+
+RUN cd /bbb-common-web \
+ && sed -i "s|\(version := \)\".*|\1\"$COMMON_VERSION\"|g" build.sbt \
+ && find -name build.sbt -exec sed -i "s|\(.*org.bigbluebutton.*bbb-common-message[^\"]*\"[ ]*%[ ]*\)\"[^\"]*\"\(.*\)|\1\"$COMMON_VERSION\"\2|g" {} \; \
+ && echo 'publishTo := Some(Resolver.file("file", new File(Path.userHome.absolutePath+"/.m2/repository")))' | tee -a build.sbt \
+ && sbt compile \
+ && sbt publish \
+ && sbt publishLocal
+
diff --git a/bbb-common-web/src/main/scala/org/bigbluebutton/api2/SystemConfiguration.scala b/bbb-common-web/src/main/scala/org/bigbluebutton/api2/SystemConfiguration.scala
index adf1e3b471f6d3044438875965b9841657f48770..016b9557a3d9523521d72808fba754b2ad66cd37 100755
--- a/bbb-common-web/src/main/scala/org/bigbluebutton/api2/SystemConfiguration.scala
+++ b/bbb-common-web/src/main/scala/org/bigbluebutton/api2/SystemConfiguration.scala
@@ -1,13 +1,14 @@
package org.bigbluebutton.api2
import com.typesafe.config.ConfigFactory
+import scala.util.Properties
import scala.util.Try
trait SystemConfiguration {
val config = ConfigFactory.load()
- lazy val redisHost = Try(config.getString("redis.host")).getOrElse("127.0.0.1")
+ lazy val redisHost = Try(Properties.envOrElse("REDIS_HOST", config.getString("redis.host"))).getOrElse("127.0.0.1")
lazy val redisPort = Try(config.getInt("redis.port")).getOrElse(6379)
lazy val redisPassword = Try(config.getString("redis.password")).getOrElse("")
diff --git a/bigbluebutton-html5/imports/startup/server/redis.js b/bigbluebutton-html5/imports/startup/server/redis.js
index 8dd4fb75b4c37b0b894dc9f0e77e28ce2f0d0b37..470211fab12d232ab008c5bd26e0e7f04bdfb536 100644
--- a/bigbluebutton-html5/imports/startup/server/redis.js
+++ b/bigbluebutton-html5/imports/startup/server/redis.js
@@ -105,8 +105,9 @@ class RedisPubSub {
this.config = config;
this.didSendRequestEvent = false;
- this.pub = Redis.createClient(Meteor.settings.private.redis);
- this.sub = Redis.createClient(Meteor.settings.private.redis);
+ const redisHost = process.env.REDIS_HOST || Meteor.settings.private.redis.host;
+ this.pub = Redis.createClient(Meteor.settings.private.redis.port, redisHost);
+ this.sub = Redis.createClient(Meteor.settings.private.redis.port, redisHost);
this.emitter = new EventEmitter2();
this.mettingsQueues = {};
diff --git a/bigbluebutton-web/Dockerfile b/bigbluebutton-web/Dockerfile
index 68f149fb03f70789978c115d9373c251d1ad1813..a4638ff3e5b10dda2e0ddd81eb9f921729c2ea87 100644
--- a/bigbluebutton-web/Dockerfile
+++ b/bigbluebutton-web/Dockerfile
@@ -1,27 +1,7 @@
-FROM tomcat:7-jre8
-
-ARG COMMON_VERSION
-ARG SBT_VERSION
-
-RUN apt-get update \
- && apt-get -y install openjdk-8-jdk-headless \
- && apt-get -y install imagemagick xpdf-utils libreoffice ttf-liberation psmisc fonts-crosextra-carlito fonts-crosextra-caladea
-
-ENV JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
-
-RUN cp $JAVA_HOME/lib/tools.jar $JAVA_HOME/jre/lib/ext/tools.jar
-
-RUN curl -L -o sbt-$SBT_VERSION.deb https://dl.bintray.com/sbt/debian/sbt-$SBT_VERSION.deb \
- && dpkg -i sbt-$SBT_VERSION.deb \
- && rm sbt-$SBT_VERSION.deb \
- && apt-get update \
- && apt-get install sbt \
- && sbt sbtVersion
-
-RUN echo 'resolvers += "Artima Maven Repository" at "http://repo.artima.com/releases"' | tee -a ~/.sbt/0.13/global.sbt
+FROM bbb-common-web AS builder
RUN mkdir -p /root/tools \
- && cd ~/tools \
+ && cd /root/tools \
&& wget http://services.gradle.org/distributions/gradle-2.12-bin.zip \
&& unzip gradle-2.12-bin.zip \
&& ln -s gradle-2.12 gradle
@@ -34,33 +14,33 @@ RUN mkdir -p /root/tools \
ENV PATH="/root/tools/gradle/bin:/root/tools/grails/bin:${PATH}"
-COPY ./bbb-common-message /bbb-common-message
-
-RUN cd /bbb-common-message \
- && sed -i "s|\(version := \)\".*|\1\"$COMMON_VERSION\"|g" build.sbt \
- && echo 'publishTo := Some(Resolver.file("file", new File(Path.userHome.absolutePath+"/.m2/repository")))' | tee -a build.sbt \
- && sbt compile \
- && sbt publish \
- && sbt publishLocal
-
-COPY ./bbb-common-web /bbb-common-web
-
-RUN cd /bbb-common-web \
- && sed -i "s|\(version := \)\".*|\1\"$COMMON_VERSION\"|g" build.sbt \
- && find -name build.sbt -exec sed -i "s|\(.*org.bigbluebutton.*bbb-common-message[^\"]*\"[ ]*%[ ]*\)\"[^\"]*\"\(.*\)|\1\"$COMMON_VERSION\"\2|g" {} \; \
- && echo 'publishTo := Some(Resolver.file("file", new File(Path.userHome.absolutePath+"/.m2/repository")))' | tee -a build.sbt \
- && sbt compile \
- && sbt publish \
- && sbt publishLocal
+ARG COMMON_VERSION
-COPY ./bigbluebutton-web /source
+COPY . /source
RUN cd /source \
&& find -name build.gradle -exec sed -i "s|\(.*org.bigbluebutton.*bbb-common-message[^:]*\):.*|\1:$COMMON_VERSION'|g" {} \; \
- && find -name build.gradle -exec sed -i "s|\(.*org.bigbluebutton.*bbb-common-web[^:]*\):.*|\1:$COMMON_VERSION'|g" {} \; \
+ && find -name build.gradle -exec sed -i "s|\(.*org.bigbluebutton.*bbb-common-web[^:]*\):.*|\1:$COMMON_VERSION'|g" {} \;
+
+RUN cd /source \
&& gradle resolveDeps \
- && grails war \
- && mv target/bigbluebutton-0.9.0.war $CATALINA_HOME/webapps/bigbluebutton.war
+ && grails war
+
+FROM tomcat:7-jre8
+
+WORKDIR $CATALINA_HOME
+
+COPY --from=builder /source/target/bigbluebutton-0.9.0.war webapps/bigbluebutton.war
+
+COPY docker_wrapper.sh .
+
+RUN apt-get update \
+ && apt-get -y install imagemagick xpdf-utils libreoffice ttf-liberation psmisc fonts-crosextra-carlito fonts-crosextra-caladea
+
+RUN echo "deb http://ubuntu.bigbluebutton.org/xenial-200 bigbluebutton-xenial main " | tee /etc/apt/sources.list.d/bigbluebutton.list \
+ && wget http://ubuntu.bigbluebutton.org/repo/bigbluebutton.asc -O- | apt-key add - \
+ && apt-get update \
+ && apt-get -y install bbb-swftools
-CMD ["catalina.sh", "run"]
+CMD [ "./docker_wrapper.sh" ]
diff --git a/bigbluebutton-web/docker_wrapper.sh b/bigbluebutton-web/docker_wrapper.sh
new file mode 100755
index 0000000000000000000000000000000000000000..8bdd41bdd4c6ced956c11c7b3d2a86df2762d0b4
--- /dev/null
+++ b/bigbluebutton-web/docker_wrapper.sh
@@ -0,0 +1,10 @@
+#!/bin/bash -e
+
+pushd .
+cd webapps/
+jar xvf bigbluebutton.war
+sed -i 's|^bigbluebutton\.web\.serverURL.*|bigbluebutton.web.serverURL=https://$SERVER_URL|g' bigbluebutton/WEB-INF/classes/bigbluebutton.properties
+popd
+
+./bin/catalina.sh run
+
diff --git a/labs/bbb-webrtc-sfu/config/custom-environment-variables.yml b/labs/bbb-webrtc-sfu/config/custom-environment-variables.yml
new file mode 100644
index 0000000000000000000000000000000000000000..081fc7510209f3db2e21b655100f89674a1cbebb
--- /dev/null
+++ b/labs/bbb-webrtc-sfu/config/custom-environment-variables.yml
@@ -0,0 +1,5 @@
+kurentoUrl: KURENTO_URL
+kurentoIp: KURENTO_IP
+localIpAddress: TRANSCODE_IP
+redisHost: REDIS_HOST
+
diff --git a/sbt.dockerfile b/labs/docker/sbt/Dockerfile
similarity index 94%
rename from sbt.dockerfile
rename to labs/docker/sbt/Dockerfile
index 84a911cbab3a34a1bb7a40983a28c666aa073ae7..522324ccbcd1aa64a57305be0f9605663ee2295f 100644
--- a/sbt.dockerfile
+++ b/labs/docker/sbt/Dockerfile
@@ -1,6 +1,6 @@
FROM openjdk:8
-ARG SBT_VERSION 0.13.8
+ARG SBT_VERSION=0.13.8
RUN curl -L -o sbt-$SBT_VERSION.deb https://dl.bintray.com/sbt/debian/sbt-$SBT_VERSION.deb \
&& dpkg -i sbt-$SBT_VERSION.deb \
diff --git a/nginx.conf b/nginx.conf
new file mode 100644
index 0000000000000000000000000000000000000000..c1af4c4f9ff32d2352b5105b41b87317098497ae
--- /dev/null
+++ b/nginx.conf
@@ -0,0 +1,259 @@
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+
+events {
+ worker_connections 768;
+}
+
+http {
+ ##
+ # Basic Settings
+ ##
+
+ sendfile on;
+ tcp_nopush on;
+ tcp_nodelay on;
+ keepalive_timeout 65;
+ types_hash_max_size 2048;
+
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ ##
+ # SSL Settings
+ ##
+
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
+ ssl_prefer_server_ciphers on;
+
+ ##
+ # Logging Settings
+ ##
+
+ access_log /var/log/nginx/access.log;
+ error_log /var/log/nginx/error.log;
+
+ ##
+ # Gzip Settings
+ ##
+
+ gzip on;
+ gzip_disable "msie6";
+
+ ##
+ # Virtual Host Configs
+ ##
+
+ server {
+ listen 80;
+ listen [::]:80;
+ server_name felipe-docker.mconf.com;
+ listen 443 ssl;
+ listen [::]:443 ssl;
+ ssl_certificate /etc/letsencrypt/live/felipe-docker.mconf.com/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/felipe-docker.mconf.com/privkey.pem;
+ ssl_session_cache shared:SSL:10m;
+ ssl_session_timeout 10m;
+ # need TLSv1 for the Java calls for the API, otherwise it would be removed
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
+ ssl_prefer_server_ciphers on;
+ ssl_dhparam /etc/nginx/ssl/dhp-2048.pem;
+ ssl_ecdh_curve secp384r1; # Requires nginx >= 1.1.0
+ ssl_session_tickets off; # Requires nginx >= 1.5.9
+ ssl_stapling on; # Requires nginx >= 1.3.7
+ ssl_stapling_verify on; # Requires nginx => 1.3.7
+ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
+
+ access_log /var/log/nginx/bigbluebutton.access.log;
+
+ # Handle RTMPT (RTMP Tunneling). Forwards requests
+ # to Red5 on port 5080
+ location ~ (/open/|/close/|/idle/|/send/|/fcs/) {
+ proxy_pass http://127.0.0.1:5080;
+ proxy_redirect off;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+ client_max_body_size 10m;
+ client_body_buffer_size 128k;
+
+ proxy_connect_timeout 90;
+ proxy_send_timeout 90;
+ proxy_read_timeout 90;
+
+ proxy_buffering off;
+ keepalive_requests 1000000000;
+ }
+
+ # Handle desktop sharing tunneling. Forwards
+ # requests to Red5 on port 5080.
+ location /deskshare {
+ proxy_pass http://127.0.0.1:5080;
+ proxy_redirect default;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ client_max_body_size 10m;
+ client_body_buffer_size 128k;
+ proxy_connect_timeout 90;
+ proxy_send_timeout 90;
+ proxy_read_timeout 90;
+ proxy_buffer_size 4k;
+ proxy_buffers 4 32k;
+ proxy_busy_buffers_size 64k;
+ proxy_temp_file_write_size 64k;
+ include fastcgi_params;
+ }
+
+ # BigBlueButton landing page.
+ location / {
+ root /var/www/bigbluebutton-default;
+ index index.html index.htm;
+ expires 1m;
+ }
+
+ # BigBlueButton.html is here so we can expire it every 1 minute to
+ # prevent caching.
+ location /client/BigBlueButton.html {
+ root /var/www/bigbluebutton;
+ index index.html index.htm;
+ expires 1m;
+ }
+
+ # BigBlueButton Flash client.
+ location /client {
+ root /var/www/bigbluebutton;
+ index index.html index.htm;
+ }
+
+ # Forward request to /demo to tomcat. This is for
+ # the BigBlueButton api demos.
+ location /demo {
+ proxy_pass http://127.0.0.1:8080;
+ proxy_redirect default;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+ # Allow 30M uploaded presentation document.
+ client_max_body_size 30m;
+ client_body_buffer_size 128k;
+
+ proxy_connect_timeout 90;
+ proxy_send_timeout 90;
+ proxy_read_timeout 90;
+
+ proxy_buffer_size 4k;
+ proxy_buffers 4 32k;
+ proxy_busy_buffers_size 64k;
+ proxy_temp_file_write_size 64k;
+
+ include fastcgi_params;
+ }
+
+ location /playback/presentation/playback.html {
+ return 301 /playback/presentation/0.81/playback.html?$query_string;
+ }
+
+ location /playback/presentation {
+ root /var/bigbluebutton;
+ index index.html index.htm;
+ }
+
+ location /presentation {
+ root /var/bigbluebutton/published;
+ index index.html index.htm;
+ }
+
+ # Handle desktop sharing tunneling. Forwards
+ # requests to Red5 on port 5080.
+ location /screenshare {
+ proxy_pass http://127.0.0.1:5080;
+ proxy_redirect default;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ client_max_body_size 10m;
+ client_body_buffer_size 128k;
+ proxy_connect_timeout 90;
+ proxy_send_timeout 90;
+ proxy_read_timeout 90;
+ proxy_buffer_size 4k;
+ proxy_buffers 4 32k;
+ proxy_busy_buffers_size 64k;
+ proxy_temp_file_write_size 64k;
+ include fastcgi_params;
+ }
+
+ location /ws {
+ proxy_pass https://45.55.44.165:7443;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "Upgrade";
+ proxy_read_timeout 6h;
+ proxy_send_timeout 6h;
+ client_body_timeout 6h;
+ send_timeout 6h;
+ }
+
+ # Pass to the webhooks app all requests made to the webhooks API.
+ location /bigbluebutton/api/hooks {
+ proxy_pass http://bbb-webhooks:3005;
+ proxy_redirect default;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header Host $http_host;
+ proxy_set_header X-NginX-Proxy true;
+ }
+
+ # Handle request to bbb-web running within Tomcat. This is for
+ # the BBB-API and Presentation.
+ location /bigbluebutton {
+ proxy_pass http://bbb-web:8080;
+ proxy_redirect default;
+ proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+ # Workaround IE refusal to set cookies in iframe
+ add_header P3P 'CP="No P3P policy available"';
+
+ # Allow 30M uploaded presentation document.
+ client_max_body_size 30m;
+ client_body_buffer_size 128k;
+
+ proxy_connect_timeout 90;
+ proxy_send_timeout 90;
+ proxy_read_timeout 90;
+
+ proxy_buffer_size 4k;
+ proxy_buffers 4 32k;
+ proxy_busy_buffers_size 64k;
+ proxy_temp_file_write_size 64k;
+
+ include fastcgi_params;
+ }
+
+ location /bbb-webrtc-sfu {
+ proxy_pass http://bbb-webrtc-sfu:3008;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "Upgrade";
+ proxy_read_timeout 6h;
+ proxy_send_timeout 6h;
+ client_body_timeout 6h;
+ send_timeout 6h;
+ }
+
+ location /html5client {
+ proxy_pass http://bbb-html5:3000;
+ proxy_http_version 1.1;
+ proxy_set_header Upgrade $http_upgrade;
+ proxy_set_header Connection "Upgrade";
+ }
+
+ location /_timesync {
+ proxy_pass http://bbb-html5:3000;
+ }
+
+ # Redirect server error pages to the static page /50x.html
+ #
+ error_page 500 502 503 504 /50x.html;
+ location = /50x.html {
+ root /var/www/nginx-default;
+ }
+ }
+}