some updates

master
Max Erenberg 11 months ago committed by root
parent 9ceb33a62b
commit 8d29e7ae23
  1. 58
      bigbluebutton.nginx
  2. 98
      playbook.yml

@ -9,8 +9,8 @@ server {
server {
server_name bbb.csclub.uwaterloo.ca;
listen 443 ssl;
listen [::]:443 ssl;
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/nginx/ssl/csclub-wildcard-chain.crt;
ssl_certificate_key /etc/nginx/ssl/csclub-wildcard.key;
@ -25,39 +25,39 @@ server {
# Handle RTMPT (RTMP Tunneling). Forwards requests
# to Red5 on port 5080
location ~ (/open/|/close/|/idle/|/send/|/fcs/) {
proxy_pass http://127.0.0.1:5080;
proxy_redirect off;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#location ~ (/open/|/close/|/idle/|/send/|/fcs/) {
# proxy_pass http://127.0.0.1:5080;
# proxy_redirect off;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
# client_max_body_size 10m;
# client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
# proxy_connect_timeout 90;
# proxy_send_timeout 90;
# proxy_read_timeout 90;
proxy_buffering off;
keepalive_requests 1000000000;
}
# proxy_buffering off;
# keepalive_requests 1000000000;
#}
# Handle desktop sharing tunneling. Forwards
# requests to Red5 on port 5080.
location /deskshare {
proxy_pass http://127.0.0.1:5080;
proxy_redirect default;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
include fastcgi_params;
}
#location /deskshare {
# proxy_pass http://127.0.0.1:5080;
# proxy_redirect default;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# client_max_body_size 10m;
# client_body_buffer_size 128k;
# proxy_connect_timeout 90;
# proxy_send_timeout 90;
# proxy_read_timeout 90;
# proxy_buffer_size 4k;
# proxy_buffers 4 32k;
# proxy_busy_buffers_size 64k;
# proxy_temp_file_write_size 64k;
# include fastcgi_params;
#}
# BigBlueButton landing page.
location / {

@ -6,6 +6,20 @@
gem: gem2.7
bundle: "/opt/greenlight/.gem/ruby/{{ ruby_version }}/bin/bundle"
tasks:
- name: install prerequisites
apt:
name:
- software-properties-common
- apt-transport-https
- sudo
- net-tools
- openjdk-8-jre
- curl
- wget
- gpg-agent
- dirmngr
- name: update-java-alternatives
command: update-java-alternatives -s java-1.8.0-openjdk-amd64
- name: add PPA for bigbluebutton support packages
apt_repository:
repo: ppa:bigbluebutton/support
@ -17,78 +31,70 @@
repo: ppa:libreoffice/ppa
- name: add GPG key for MongoDB
apt_key:
url: https://www.mongodb.org/static/pgp/server-3.4.asc
url: https://www.mongodb.org/static/pgp/server-4.2.asc
- name: add repo for MongoDB
apt_repository:
repo: "deb [arch=amd64] http://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.4 multiverse"
filename: mongodb-org-3.4
repo: "deb [arch=amd64] http://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.2 multiverse"
filename: mongodb-org-4.2
- name: add GPG key for Nodesource
apt_key:
url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key
- name: add repo for Nodesource
apt_repository:
repo: deb https://deb.nodesource.com/node_14.x xenial main
repo: deb https://deb.nodesource.com/node_14.x bionic main
filename: nodesource
- name: add GPG key for bigbluebutton
apt_key:
url: https://ubuntu.bigbluebutton.org/repo/bigbluebutton.asc
- name: add repo for bigbluebutton
apt_repository:
repo: deb https://ubuntu.bigbluebutton.org/xenial-22/ bigbluebutton-xenial main
repo: deb https://ubuntu.bigbluebutton.org/bionic-23/ bigbluebutton-bionic main
filename: bigbluebutton
- name: add GPG key for Brightbox ruby-ng
apt_key:
keyserver: keyserver.ubuntu.com
id: 80F70E11F0F0D5F10CB20E62F5DA5F09C3173AA6
- name: add repo for Brightbox ruby-ng
apt_repository:
repo: deb http://ppa.launchpad.net/brightbox/ruby-ng/ubuntu xenial main
filename: brightbox.ruby-ng
repo: ppa:brightbox/ruby-ng
- name: add GPG key for CSC
apt_key:
url: http://debian.csclub.uwaterloo.ca/csclub.asc
- name: add CSC Debian repo
apt_repository:
repo: deb http://debian.csclub.uwaterloo.ca xenial main
repo: deb http://debian.csclub.uwaterloo.ca bionic main
filename: csclub
- name: update apt cache
apt:
update_cache: true
- name: install apt-transport-https
apt:
name: apt-transport-https
state: latest
- name: install curl
apt:
name: curl
state: latest
- name: install MongoDB
apt:
name: mongodb-org
state: latest
- name: install nodejs
apt:
# consider apt pinning this
name: nodejs
state: latest
- name: install bigbluebutton
apt:
name: bigbluebutton
state: latest
- name: install bbb-html5
- name: install packages
apt:
name: bbb-html5
state: latest
- name: install greenlight
apt:
name: greenlight
state: latest
name:
- mongodb-org
- nodejs
- bigbluebutton
- bbb-html5
- greenlight
- name: set BBB hostname
# We should only need to do this once. Make sure to remove
# /tmp/bbb-setip-done if the FQDN changes for whatever reason.
shell: 'bbb-conf --setip {{ ansible_fqdn }} && touch /tmp/bbb-setip-done'
args:
creates: /tmp/bbb-setip-done
- name: disable CPUSchedulingPolicy for Freeswitch
replace:
path: /lib/systemd/system/freeswitch.service
regexp: "^CPUSchedulingPolicy=rr"
replace: "#CPUSchedulingPolicy=rr"
notify: reload systemd
- name: disable IOSchedulingClass for Freeswitch
replace:
path: /lib/systemd/system/freeswitch.service
regexp: "^IOSchedulingClass=realtime"
replace: "#IOSchedulingClass=realtime"
notify: reload systemd
- name: disable CPUSchedulingPolicy for bbb-html5
replace:
path: /usr/lib/systemd/system/bbb-html5-backend@.service
regexp: "^CPUSchedulingPolicy=fifo"
replace: "#CPUSchedulingPolicy=fifo"
notify: reload systemd
# Make sure to place the certificate and key in this directory,
# and run `chmod 0600` on the key
- name: create SSL directory
@ -113,11 +119,11 @@
path: /usr/share/bbb-web/WEB-INF/classes/bigbluebutton.properties
regexp: 'http://'
replace: 'https://'
- name: configure BBB to load session via HTTPS (2)
replace:
path: /usr/share/red5/webapps/screenshare/WEB-INF/screenshare.properties
regexp: 'http://'
replace: 'https://'
#- name: configure BBB to load session via HTTPS (2)
# replace:
# path: /usr/share/red5/webapps/screenshare/WEB-INF/screenshare.properties
# regexp: 'http://'
# replace: 'https://'
- name: configure BBB to load session via HTTPS (3)
replace:
path: /usr/share/meteor/bundle/programs/server/assets/app/config/settings.yml
@ -188,7 +194,7 @@
- name: use custom STUN servers
copy:
src: '{{ playbook_dir }}/turn-stun-servers.xml'
dest: /usr/share/bbb-web/WEB-INF/classes/spring/turn-stun-servers.xml
dest: /etc/bigbluebutton/turn-stun-servers.xml
- name: update FreeSWITCH to listen for connections on external IP (1)
replace:
path: /opt/freeswitch/conf/vars.xml

Loading…
Cancel
Save