diff --git a/README.md b/README.md index 265a164..d9366cd 100644 --- a/README.md +++ b/README.md @@ -23,23 +23,12 @@ Then, restart BBB: bbb-conf --restart ``` -## Running as the greenlight user -Add the following lines to `/opt/greenlight/.profile`: -``` -export PATH=$HOME/.gem/ruby/2.5.0/bin:$PATH -export $(grep -v '^#' ~/.env) -export RAILS_ENV=production -export BUNDLE_APP_CONFIG=~/.bundle -``` -This will allow you to use the `bundle` command after running -`su - greenlight`, if you need to do so. +## Installing Greenlight +See [here](https://docs.bigbluebutton.org/greenlight/gl-install.html) for +instructions. -## Running Greenlight -Enable and run the systemd service: -```sh -systemctl enable greenlight -systemctl start greenlight -``` +**Important**: Add 'PORT=5000' to the top of your env file for Greenlight. +Otherwise it will listen on port 80, which NGINX is already listening on. ## Creating an administrator account Theoretically, there is a [bundle command](https://docs.bigbluebutton.org/greenlight/gl-admin.html#creating-an-administrator-account) diff --git a/greenlight.nginx b/greenlight.nginx new file mode 100644 index 0000000..d6b26e9 --- /dev/null +++ b/greenlight.nginx @@ -0,0 +1,44 @@ +# Routes requests to Greenlight based on the '/b' prefix. +# Use this file to route '/b' paths on your BigBlueButton server +# to the Greenlight application. If you are using a different +# subpath, you should change it here. + +location /b { + proxy_pass http://127.0.0.1:5000; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_http_version 1.1; +} + +location /b/cable { + proxy_pass http://127.0.0.1:5000; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_http_version 1.1; + proxy_read_timeout 6h; + proxy_send_timeout 6h; + client_body_timeout 6h; + send_timeout 6h; +} + +# Allow larger body size for uploading presentations +location ~ /preupload_presentation$ { + client_max_body_size 30m; + + proxy_pass http://127.0.0.1:5000; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_http_version 1.1; +} + +# Only needed if using presentations and deployed at a relative root (ex "/b") +# If deploying at "/", delete the section below + +location /rails/active_storage { + return 301 /b$request_uri; +} diff --git a/playbook.yml b/playbook.yml index 38244a8..ce3636e 100644 --- a/playbook.yml +++ b/playbook.yml @@ -1,10 +1,10 @@ --- - hosts: 127.0.0.1 connection: local - vars: - ruby_version: 2.7.0 - gem: gem2.7 - bundle: "/opt/greenlight/.gem/ruby/{{ ruby_version }}/bin/bundle" + #vars: + # ruby_version: 2.7.0 + # gem: gem2.7 + # bundle: "/opt/greenlight/.gem/ruby/{{ ruby_version }}/bin/bundle" tasks: - name: install prerequisites apt: @@ -50,16 +50,16 @@ apt_repository: repo: deb https://ubuntu.bigbluebutton.org/bionic-23/ bigbluebutton-bionic main filename: bigbluebutton - - name: add repo for Brightbox ruby-ng - apt_repository: - repo: ppa:brightbox/ruby-ng - - name: add GPG key for CSC - apt_key: - url: http://debian.csclub.uwaterloo.ca/csclub.asc - - name: add CSC Debian repo - apt_repository: - repo: deb http://debian.csclub.uwaterloo.ca bionic main - filename: csclub + #- name: add repo for Brightbox ruby-ng + # apt_repository: + # repo: ppa:brightbox/ruby-ng + #- name: add GPG key for CSC + # apt_key: + # url: http://debian.csclub.uwaterloo.ca/csclub.asc + #- name: add CSC Debian repo + # apt_repository: + # repo: deb http://debian.csclub.uwaterloo.ca bionic main + # filename: csclub - name: update apt cache apt: update_cache: true @@ -70,7 +70,7 @@ - nodejs - bigbluebutton - bbb-html5 - - greenlight + #- greenlight - name: set BBB hostname # We should only need to do this once. Make sure to remove # /tmp/bbb-setip-done if the FQDN changes for whatever reason. @@ -211,67 +211,67 @@ loop: - 'rtp' - 'sip' - - name: install bundler for greenlight - become: yes - become_user: greenlight - command: '{{ gem }} install --user-install bundler' - args: - creates: '{{ bundle }}' + #- name: install bundler for greenlight + # become: yes + # become_user: greenlight + # command: '{{ gem }} install --user-install bundler' + # args: + # creates: '{{ bundle }}' - name: configure NGINX to route to Greenlight copy: - src: /opt/greenlight/greenlight.nginx + src: ./greenlight.nginx dest: /etc/bigbluebutton/nginx/greenlight.nginx - - name: create secret key for Rails - become: yes - become_user: greenlight - shell: '{{ bundle }} exec rake secret | tee /opt/greenlight/rake_secret' - args: - creates: /opt/greenlight/rake_secret - - name: assert rake secret was created - assert: - that: - - lookup('file', '/opt/greenlight/rake_secret') != '' - - name: obtain BBB API secret - shell: "bbb-conf --secret | grep -oP 'Secret: \\K[[:alnum:]]+'" - register: api_secret - - name: create .env file for greenlight - copy: - src: /opt/greenlight/sample.env - dest: /opt/greenlight/.env - force: no - owner: greenlight - group: greenlight - - name: update .env file for greenlight - replace: - path: /opt/greenlight/.env - regexp: '^{{ item.key }}=.*$' - replace: '{{ item.key }}={{ item.value }}' - with_dict: - SECRET_KEY_BASE: "{{ lookup('file', '/opt/greenlight/rake_secret') }}" - BIGBLUEBUTTON_ENDPOINT: 'https://{{ ansible_fqdn }}/bigbluebutton/' - BIGBLUEBUTTON_SECRET: '{{ api_secret.stdout }}' - SAFE_HOSTS: '{{ ansible_fqdn }}' - LDAP_SERVER: auth1.csclub.uwaterloo.ca - LDAP_PORT: '636' - LDAP_METHOD: 'ssl' - LDAP_UID: 'uid' - LDAP_BASE: 'dc=csclub,dc=uwaterloo,dc=ca' - LDAP_AUTH: 'user' - # make sure to create a role in Greenlight called "sysadmin" - LDAP_ROLE_FIELD: 'position' - ALLOW_GREENLIGHT_ACCOUNTS: 'false' - DEFAULT_REGISTRATION: open - ROOM_FEATURES: 'mute-on-join,require-moderator-approval' - DB_ADAPTER: postgresql - DB_HOST: coffee.csclub.uwaterloo.ca - DB_PORT: 5432 - DB_NAME: greenlight - DB_USERNAME: greenlight - - name: reminder for DB credentials - debug: - msg: >- - Make sure to create a database and user for greenlight and - update /opt/greenlight/.env with the Postgres credentials. + #- name: create secret key for Rails + # become: yes + # become_user: greenlight + # shell: '{{ bundle }} exec rake secret | tee /opt/greenlight/rake_secret' + # args: + # creates: /opt/greenlight/rake_secret + #- name: assert rake secret was created + # assert: + # that: + # - lookup('file', '/opt/greenlight/rake_secret') != '' + #- name: obtain BBB API secret + # shell: "bbb-conf --secret | grep -oP 'Secret: \\K[[:alnum:]]+'" + # register: api_secret + #- name: create .env file for greenlight + # copy: + # src: /opt/greenlight/sample.env + # dest: /opt/greenlight/.env + # force: no + # owner: greenlight + # group: greenlight + #- name: update .env file for greenlight + # replace: + # path: /opt/greenlight/.env + # regexp: '^{{ item.key }}=.*$' + # replace: '{{ item.key }}={{ item.value }}' + # with_dict: + # SECRET_KEY_BASE: "{{ lookup('file', '/opt/greenlight/rake_secret') }}" + # BIGBLUEBUTTON_ENDPOINT: 'https://{{ ansible_fqdn }}/bigbluebutton/' + # BIGBLUEBUTTON_SECRET: '{{ api_secret.stdout }}' + # SAFE_HOSTS: '{{ ansible_fqdn }}' + # LDAP_SERVER: auth1.csclub.uwaterloo.ca + # LDAP_PORT: '636' + # LDAP_METHOD: 'ssl' + # LDAP_UID: 'uid' + # LDAP_BASE: 'dc=csclub,dc=uwaterloo,dc=ca' + # LDAP_AUTH: 'user' + # # make sure to create a role in Greenlight called "sysadmin" + # LDAP_ROLE_FIELD: 'position' + # ALLOW_GREENLIGHT_ACCOUNTS: 'false' + # DEFAULT_REGISTRATION: open + # ROOM_FEATURES: 'mute-on-join,require-moderator-approval' + # DB_ADAPTER: postgresql + # DB_HOST: coffee.csclub.uwaterloo.ca + # DB_PORT: 5432 + # DB_NAME: greenlight + # DB_USERNAME: greenlight + #- name: reminder for DB credentials + # debug: + # msg: >- + # Make sure to create a database and user for greenlight and + # update /opt/greenlight/.env with the Postgres credentials. handlers: - name: reload systemd