some updates
This commit is contained in:
parent
9ceb33a62b
commit
8d29e7ae23
|
@ -9,8 +9,8 @@ server {
|
||||||
server {
|
server {
|
||||||
server_name bbb.csclub.uwaterloo.ca;
|
server_name bbb.csclub.uwaterloo.ca;
|
||||||
|
|
||||||
listen 443 ssl;
|
listen 443 ssl http2;
|
||||||
listen [::]:443 ssl;
|
listen [::]:443 ssl http2;
|
||||||
|
|
||||||
ssl_certificate /etc/nginx/ssl/csclub-wildcard-chain.crt;
|
ssl_certificate /etc/nginx/ssl/csclub-wildcard-chain.crt;
|
||||||
ssl_certificate_key /etc/nginx/ssl/csclub-wildcard.key;
|
ssl_certificate_key /etc/nginx/ssl/csclub-wildcard.key;
|
||||||
|
@ -25,39 +25,39 @@ server {
|
||||||
|
|
||||||
# Handle RTMPT (RTMP Tunneling). Forwards requests
|
# Handle RTMPT (RTMP Tunneling). Forwards requests
|
||||||
# to Red5 on port 5080
|
# to Red5 on port 5080
|
||||||
location ~ (/open/|/close/|/idle/|/send/|/fcs/) {
|
#location ~ (/open/|/close/|/idle/|/send/|/fcs/) {
|
||||||
proxy_pass http://127.0.0.1:5080;
|
# proxy_pass http://127.0.0.1:5080;
|
||||||
proxy_redirect off;
|
# proxy_redirect off;
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
|
||||||
client_max_body_size 10m;
|
# client_max_body_size 10m;
|
||||||
client_body_buffer_size 128k;
|
# client_body_buffer_size 128k;
|
||||||
|
|
||||||
proxy_connect_timeout 90;
|
# proxy_connect_timeout 90;
|
||||||
proxy_send_timeout 90;
|
# proxy_send_timeout 90;
|
||||||
proxy_read_timeout 90;
|
# proxy_read_timeout 90;
|
||||||
|
|
||||||
proxy_buffering off;
|
# proxy_buffering off;
|
||||||
keepalive_requests 1000000000;
|
# keepalive_requests 1000000000;
|
||||||
}
|
#}
|
||||||
|
|
||||||
# Handle desktop sharing tunneling. Forwards
|
# Handle desktop sharing tunneling. Forwards
|
||||||
# requests to Red5 on port 5080.
|
# requests to Red5 on port 5080.
|
||||||
location /deskshare {
|
#location /deskshare {
|
||||||
proxy_pass http://127.0.0.1:5080;
|
# proxy_pass http://127.0.0.1:5080;
|
||||||
proxy_redirect default;
|
# proxy_redirect default;
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
client_max_body_size 10m;
|
# client_max_body_size 10m;
|
||||||
client_body_buffer_size 128k;
|
# client_body_buffer_size 128k;
|
||||||
proxy_connect_timeout 90;
|
# proxy_connect_timeout 90;
|
||||||
proxy_send_timeout 90;
|
# proxy_send_timeout 90;
|
||||||
proxy_read_timeout 90;
|
# proxy_read_timeout 90;
|
||||||
proxy_buffer_size 4k;
|
# proxy_buffer_size 4k;
|
||||||
proxy_buffers 4 32k;
|
# proxy_buffers 4 32k;
|
||||||
proxy_busy_buffers_size 64k;
|
# proxy_busy_buffers_size 64k;
|
||||||
proxy_temp_file_write_size 64k;
|
# proxy_temp_file_write_size 64k;
|
||||||
include fastcgi_params;
|
# include fastcgi_params;
|
||||||
}
|
#}
|
||||||
|
|
||||||
# BigBlueButton landing page.
|
# BigBlueButton landing page.
|
||||||
location / {
|
location / {
|
||||||
|
|
98
playbook.yml
98
playbook.yml
|
@ -6,6 +6,20 @@
|
||||||
gem: gem2.7
|
gem: gem2.7
|
||||||
bundle: "/opt/greenlight/.gem/ruby/{{ ruby_version }}/bin/bundle"
|
bundle: "/opt/greenlight/.gem/ruby/{{ ruby_version }}/bin/bundle"
|
||||||
tasks:
|
tasks:
|
||||||
|
- name: install prerequisites
|
||||||
|
apt:
|
||||||
|
name:
|
||||||
|
- software-properties-common
|
||||||
|
- apt-transport-https
|
||||||
|
- sudo
|
||||||
|
- net-tools
|
||||||
|
- openjdk-8-jre
|
||||||
|
- curl
|
||||||
|
- wget
|
||||||
|
- gpg-agent
|
||||||
|
- dirmngr
|
||||||
|
- name: update-java-alternatives
|
||||||
|
command: update-java-alternatives -s java-1.8.0-openjdk-amd64
|
||||||
- name: add PPA for bigbluebutton support packages
|
- name: add PPA for bigbluebutton support packages
|
||||||
apt_repository:
|
apt_repository:
|
||||||
repo: ppa:bigbluebutton/support
|
repo: ppa:bigbluebutton/support
|
||||||
|
@ -17,78 +31,70 @@
|
||||||
repo: ppa:libreoffice/ppa
|
repo: ppa:libreoffice/ppa
|
||||||
- name: add GPG key for MongoDB
|
- name: add GPG key for MongoDB
|
||||||
apt_key:
|
apt_key:
|
||||||
url: https://www.mongodb.org/static/pgp/server-3.4.asc
|
url: https://www.mongodb.org/static/pgp/server-4.2.asc
|
||||||
- name: add repo for MongoDB
|
- name: add repo for MongoDB
|
||||||
apt_repository:
|
apt_repository:
|
||||||
repo: "deb [arch=amd64] http://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.4 multiverse"
|
repo: "deb [arch=amd64] http://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.2 multiverse"
|
||||||
filename: mongodb-org-3.4
|
filename: mongodb-org-4.2
|
||||||
- name: add GPG key for Nodesource
|
- name: add GPG key for Nodesource
|
||||||
apt_key:
|
apt_key:
|
||||||
url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key
|
url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key
|
||||||
- name: add repo for Nodesource
|
- name: add repo for Nodesource
|
||||||
apt_repository:
|
apt_repository:
|
||||||
repo: deb https://deb.nodesource.com/node_14.x xenial main
|
repo: deb https://deb.nodesource.com/node_14.x bionic main
|
||||||
filename: nodesource
|
filename: nodesource
|
||||||
- name: add GPG key for bigbluebutton
|
- name: add GPG key for bigbluebutton
|
||||||
apt_key:
|
apt_key:
|
||||||
url: https://ubuntu.bigbluebutton.org/repo/bigbluebutton.asc
|
url: https://ubuntu.bigbluebutton.org/repo/bigbluebutton.asc
|
||||||
- name: add repo for bigbluebutton
|
- name: add repo for bigbluebutton
|
||||||
apt_repository:
|
apt_repository:
|
||||||
repo: deb https://ubuntu.bigbluebutton.org/xenial-22/ bigbluebutton-xenial main
|
repo: deb https://ubuntu.bigbluebutton.org/bionic-23/ bigbluebutton-bionic main
|
||||||
filename: bigbluebutton
|
filename: bigbluebutton
|
||||||
- name: add GPG key for Brightbox ruby-ng
|
|
||||||
apt_key:
|
|
||||||
keyserver: keyserver.ubuntu.com
|
|
||||||
id: 80F70E11F0F0D5F10CB20E62F5DA5F09C3173AA6
|
|
||||||
- name: add repo for Brightbox ruby-ng
|
- name: add repo for Brightbox ruby-ng
|
||||||
apt_repository:
|
apt_repository:
|
||||||
repo: deb http://ppa.launchpad.net/brightbox/ruby-ng/ubuntu xenial main
|
repo: ppa:brightbox/ruby-ng
|
||||||
filename: brightbox.ruby-ng
|
|
||||||
- name: add GPG key for CSC
|
- name: add GPG key for CSC
|
||||||
apt_key:
|
apt_key:
|
||||||
url: http://debian.csclub.uwaterloo.ca/csclub.asc
|
url: http://debian.csclub.uwaterloo.ca/csclub.asc
|
||||||
- name: add CSC Debian repo
|
- name: add CSC Debian repo
|
||||||
apt_repository:
|
apt_repository:
|
||||||
repo: deb http://debian.csclub.uwaterloo.ca xenial main
|
repo: deb http://debian.csclub.uwaterloo.ca bionic main
|
||||||
filename: csclub
|
filename: csclub
|
||||||
- name: update apt cache
|
- name: update apt cache
|
||||||
apt:
|
apt:
|
||||||
update_cache: true
|
update_cache: true
|
||||||
- name: install apt-transport-https
|
- name: install packages
|
||||||
apt:
|
apt:
|
||||||
name: apt-transport-https
|
name:
|
||||||
state: latest
|
- mongodb-org
|
||||||
- name: install curl
|
- nodejs
|
||||||
apt:
|
- bigbluebutton
|
||||||
name: curl
|
- bbb-html5
|
||||||
state: latest
|
- greenlight
|
||||||
- name: install MongoDB
|
|
||||||
apt:
|
|
||||||
name: mongodb-org
|
|
||||||
state: latest
|
|
||||||
- name: install nodejs
|
|
||||||
apt:
|
|
||||||
# consider apt pinning this
|
|
||||||
name: nodejs
|
|
||||||
state: latest
|
|
||||||
- name: install bigbluebutton
|
|
||||||
apt:
|
|
||||||
name: bigbluebutton
|
|
||||||
state: latest
|
|
||||||
- name: install bbb-html5
|
|
||||||
apt:
|
|
||||||
name: bbb-html5
|
|
||||||
state: latest
|
|
||||||
- name: install greenlight
|
|
||||||
apt:
|
|
||||||
name: greenlight
|
|
||||||
state: latest
|
|
||||||
- name: set BBB hostname
|
- name: set BBB hostname
|
||||||
# We should only need to do this once. Make sure to remove
|
# We should only need to do this once. Make sure to remove
|
||||||
# /tmp/bbb-setip-done if the FQDN changes for whatever reason.
|
# /tmp/bbb-setip-done if the FQDN changes for whatever reason.
|
||||||
shell: 'bbb-conf --setip {{ ansible_fqdn }} && touch /tmp/bbb-setip-done'
|
shell: 'bbb-conf --setip {{ ansible_fqdn }} && touch /tmp/bbb-setip-done'
|
||||||
args:
|
args:
|
||||||
creates: /tmp/bbb-setip-done
|
creates: /tmp/bbb-setip-done
|
||||||
|
- name: disable CPUSchedulingPolicy for Freeswitch
|
||||||
|
replace:
|
||||||
|
path: /lib/systemd/system/freeswitch.service
|
||||||
|
regexp: "^CPUSchedulingPolicy=rr"
|
||||||
|
replace: "#CPUSchedulingPolicy=rr"
|
||||||
|
notify: reload systemd
|
||||||
|
- name: disable IOSchedulingClass for Freeswitch
|
||||||
|
replace:
|
||||||
|
path: /lib/systemd/system/freeswitch.service
|
||||||
|
regexp: "^IOSchedulingClass=realtime"
|
||||||
|
replace: "#IOSchedulingClass=realtime"
|
||||||
|
notify: reload systemd
|
||||||
|
- name: disable CPUSchedulingPolicy for bbb-html5
|
||||||
|
replace:
|
||||||
|
path: /usr/lib/systemd/system/bbb-html5-backend@.service
|
||||||
|
regexp: "^CPUSchedulingPolicy=fifo"
|
||||||
|
replace: "#CPUSchedulingPolicy=fifo"
|
||||||
|
notify: reload systemd
|
||||||
# Make sure to place the certificate and key in this directory,
|
# Make sure to place the certificate and key in this directory,
|
||||||
# and run `chmod 0600` on the key
|
# and run `chmod 0600` on the key
|
||||||
- name: create SSL directory
|
- name: create SSL directory
|
||||||
|
@ -113,11 +119,11 @@
|
||||||
path: /usr/share/bbb-web/WEB-INF/classes/bigbluebutton.properties
|
path: /usr/share/bbb-web/WEB-INF/classes/bigbluebutton.properties
|
||||||
regexp: 'http://'
|
regexp: 'http://'
|
||||||
replace: 'https://'
|
replace: 'https://'
|
||||||
- name: configure BBB to load session via HTTPS (2)
|
#- name: configure BBB to load session via HTTPS (2)
|
||||||
replace:
|
# replace:
|
||||||
path: /usr/share/red5/webapps/screenshare/WEB-INF/screenshare.properties
|
# path: /usr/share/red5/webapps/screenshare/WEB-INF/screenshare.properties
|
||||||
regexp: 'http://'
|
# regexp: 'http://'
|
||||||
replace: 'https://'
|
# replace: 'https://'
|
||||||
- name: configure BBB to load session via HTTPS (3)
|
- name: configure BBB to load session via HTTPS (3)
|
||||||
replace:
|
replace:
|
||||||
path: /usr/share/meteor/bundle/programs/server/assets/app/config/settings.yml
|
path: /usr/share/meteor/bundle/programs/server/assets/app/config/settings.yml
|
||||||
|
@ -188,7 +194,7 @@
|
||||||
- name: use custom STUN servers
|
- name: use custom STUN servers
|
||||||
copy:
|
copy:
|
||||||
src: '{{ playbook_dir }}/turn-stun-servers.xml'
|
src: '{{ playbook_dir }}/turn-stun-servers.xml'
|
||||||
dest: /usr/share/bbb-web/WEB-INF/classes/spring/turn-stun-servers.xml
|
dest: /etc/bigbluebutton/turn-stun-servers.xml
|
||||||
- name: update FreeSWITCH to listen for connections on external IP (1)
|
- name: update FreeSWITCH to listen for connections on external IP (1)
|
||||||
replace:
|
replace:
|
||||||
path: /opt/freeswitch/conf/vars.xml
|
path: /opt/freeswitch/conf/vars.xml
|
||||||
|
|
Loading…
Reference in New Issue