From 01fca8b5346a687ea0a3dac12fd2df7b991877e1 Mon Sep 17 00:00:00 2001 From: MrWaffelXD <64161405+MrWaffelXD@users.noreply.github.com> Date: Sun, 21 Jul 2024 22:13:01 +0200 Subject: [PATCH 01/17] fixed a dependency issue which led to an error during build --- mod/recordings/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/recordings/Dockerfile b/mod/recordings/Dockerfile index 9f087630..c04ac861 100644 --- a/mod/recordings/Dockerfile +++ b/mod/recordings/Dockerfile @@ -78,7 +78,7 @@ COPY --from=presentation /scripts /usr/local/bigbluebutton/core/scripts/ # install ruby dependencies RUN cd /usr/local/bigbluebutton/core \ && gem install builder \ - && gem install bundler --no-document \ + && gem install bundler -v 2.4.22 --no-document \ && bundle config set --local deployment true \ && bundle install \ && bundle clean \ From 437022b6bf0a535ee598583e9a2ba74c5b6e89db Mon Sep 17 00:00:00 2001 From: timo Date: Fri, 28 Mar 2025 16:30:37 +0100 Subject: [PATCH 02/17] update bbb-build container tag --- scripts/generate-compose | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/generate-compose b/scripts/generate-compose index 81a546fc..b55aaf1d 100755 --- a/scripts/generate-compose +++ b/scripts/generate-compose @@ -36,7 +36,7 @@ function get_tag { } # https://hub.docker.com/r/bigbluebutton/bbb-build -BBB_BUILD_TAG=v3.0.x-release--2025-02-06-143818 +BBB_BUILD_TAG=v3.0.x-release--2025-03-12-163403 docker run \ --rm \ From 75f7a1fc2601eb9a26ccd325602942fa1b433889 Mon Sep 17 00:00:00 2001 From: timo Date: Thu, 27 Mar 2025 10:41:03 +0100 Subject: [PATCH 03/17] add safari fix for v3.0.4, closes #348 --- mod/nginx/Dockerfile | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/mod/nginx/Dockerfile b/mod/nginx/Dockerfile index 0bf0ab38..5ef24887 100644 --- a/mod/nginx/Dockerfile +++ b/mod/nginx/Dockerfile @@ -11,7 +11,24 @@ RUN cd /bbb-playback && npm install && npm run-script build FROM bigbluebutton/bbb-build:$BBB_BUILD_TAG AS builder-html5 COPY --from=src-html5 / /source RUN cd /source && CI=true npm ci -RUN cd /source && DISABLE_ESLINT_PLUGIN=true npm run build +RUN cd /source && DISABLE_ESLINT_PLUGIN=true npm run build-safari && npm run build +RUN cd /source/dist && \ + HASH=$(ls | grep -Eo 'bundle\.[a-f0-9]{20}\.js' | head -n 1 | grep -Eo '[a-f0-9]{20}') && \ + if [ -z "$HASH" ]; then \ + echo "Bundle hash not found."; \ + else \ + for FILE in *.safari.js *.safari.js.map; do \ + if [[ "$FILE" == *"$HASH"* ]]; then \ + continue; \ + fi; \ + PREFIX="${FILE%%.safari.js*}"; \ + SUFFIX="${FILE#*.safari.js}"; \ + NEW_NAME="${PREFIX}.${HASH}.safari.js${SUFFIX}"; \ + echo "Renaming $FILE → $NEW_NAME"; \ + mv "$FILE" "$NEW_NAME"; \ + done; \ + fi + RUN find /source/dist -name '*.js' -exec gzip -k -f -9 '{}' \; \ && find /source/dist -name '*.css' -exec gzip -k -f -9 '{}' \; \ && find /source/dist -name '*.wasm' -exec gzip -k -f -9 '{}' \; From 40e54de7f021c0c7d9c651534782fe8660a3311d Mon Sep 17 00:00:00 2001 From: timo Date: Fri, 28 Mar 2025 21:23:59 +0100 Subject: [PATCH 04/17] use always latest bbb-build version --- scripts/generate-compose | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/generate-compose b/scripts/generate-compose index b55aaf1d..54617dcf 100755 --- a/scripts/generate-compose +++ b/scripts/generate-compose @@ -36,7 +36,7 @@ function get_tag { } # https://hub.docker.com/r/bigbluebutton/bbb-build -BBB_BUILD_TAG=v3.0.x-release--2025-03-12-163403 +BBB_BUILD_TAG=v3.0.x-release docker run \ --rm \ From 5aafb4d7790f4d0962967372bcea90b01e911d34 Mon Sep 17 00:00:00 2001 From: Matthijs Kooijman Date: Sun, 14 Sep 2025 17:56:27 +0200 Subject: [PATCH 05/17] Update network-config.md to current situation This still listed old (now removed) containers and missed newly added ones, which are now fixed. This also makes the network_mode: host listings consistent, and removes the "extra_hosts" listed for nginx (this does not really seem to have much advantage in docs, unlike a list of allocated IP addresses which *is* useful). The list is slightly reordered to match the order in docker-compose.tmpl.yml. --- docs/network-config.md | 33 ++++++++++++++++++--------------- 1 file changed, 18 insertions(+), 15 deletions(-) diff --git a/docs/network-config.md b/docs/network-config.md index 32891837..1e437a98 100644 --- a/docs/network-config.md +++ b/docs/network-config.md @@ -1,30 +1,33 @@ ## Network Configuration Services as configured. -|Service | Network | IP address | Other Option | + +|Service | Network | IP address | --- | --- | --- | --- +| html5-dev | network_mode: host | | | bbb-web | bbb-net | 10.7.7.2 | +| freeswitch| bbb-net | 10.7.7.10 | +| nginx | network_mode: host | | +| etherpad | bbb-net | 10.7.7.4 | | bbb-pads | bbb-net | 10.7.7.18 | -| html5-backend-{{$i}} | bbb-net | 10.7.7.{{add 100 $i}}| Port {{ add 4000 $i }} -| html5-frontend-{{$i}}| bbb-net | 10.7.7.{{add 200 $i}}| Port {{ add 4100 $i }} -| freeswitch| network_mode: host | | -| nginx | network_mode: host| | extra_hosts:
- "host.docker.internal:10.7.7.1"
- "core:10.7.7.2"
- "etherpad:10.7.7.4"
- "webrtc-sfu:10.7.7.10"
- "html5:10.7.7.11" -| etherpad | bbb-net | 10.7.7.4| -| redis | bbb-net | 10.7.7.5| -| mongodb | bbb-net | 10.7.7.6| -| kurento | network-mode: host | | -| webrtc-sfu | bbb-net | | network_mode: host +| bbb-export-annotations | bbb-net | 10.7.7.19 | +| redis | bbb-net | 10.7.7.5 | +| webrtc-sfu | network_mode: host | | | fsesl-akka | bbb-net | 10.7.7.14 | | apps-akka | bbb-net | 10.7.7.15 | -| libreoffice | bbb-net | 10.7.7.7 | +| bbb-graphql-server | bbb-net | 10.7.7.31 | +| bbb-graphql-actions | bbb-net | 10.7.7.30 | +| bbb-graphql-middleware | bbb-net | 10.7.7.32 | +| collabora | bbb-net | 10.7.7.20 | | periodic | bbb-net | 10.7.7.12 | | recordings | bbb-net | 10.7.7.16 | +| bbb-webrtc-recorder | network_mode: host | | | webhooks | bbb-net | 10.7.7.17 | -| https_proxy | bbb-net | |network_mode: host +| haproxy | network_mode: host | | | coturn | network_mode: host | | -| greenlight | | | ports: 10.7.7.1:5000:80 -| prometheus | bbb-net | 10.7.7.33 | -| bbb-export-annotations | bbb-net | 10.7.7.19 | +| greenlight | bbb-net | 10.7.7.21 | +| postgres | bbb-net | 10.7.7.22 | +| prometheus-exporter | bbb-net | 10.7.7.33 | ```yml networks: From 134e5f84fc1aaa91747a75bc6b58fd28b60cd51d Mon Sep 17 00:00:00 2001 From: Matthijs Kooijman Date: Sun, 14 Sep 2025 17:40:42 +0200 Subject: [PATCH 06/17] Do not use network_mode: host for nginx This is not really needed, nginx is always intended to be behind a reverse proxy, so it can just expose its ports on the internal network. This prevents having the 4808x ports exposed externally (though a user can still expose them explicitly with a ports directive if needed). This removes the "nginx" extra-hosts definition from the bbb-graphql-middleware host container, since the "nginx" name now resolves to the nginx internal IP normally. In the haproxy config, this updates the IP address instead of using the "nginx" name, as it seems that the haproxy resolv.conf does not list the docker resolver but somehow uses the (host system) external DNS directly. Nginx also listens on port 8185. Previously this bound to 127.0.0.1 and 10.7.7.1 (the host-side IP of the internal network) explicitly, presumably to prevent this port being available publically, but this is no longer needed, so now it can just bind to the port directly. --- docker-compose.tmpl.yml | 8 ++++---- docs/existing-web-server.md | 12 +++++++++++- docs/network-config.md | 2 +- mod/haproxy/haproxy.cfg | 4 ++-- mod/nginx/bigbluebutton | 3 +-- 5 files changed, 19 insertions(+), 10 deletions(-) diff --git a/docker-compose.tmpl.yml b/docker-compose.tmpl.yml index 7f8acd19..1fb0d918 100644 --- a/docker-compose.tmpl.yml +++ b/docker-compose.tmpl.yml @@ -126,9 +126,11 @@ services: # overwrite html5 config - ./mod/nginx/bbb-html5.dev.nginx:/etc/nginx/bbb/bbb-html5.nginx:ro {{ end }} + networks: + bbb-net: + ipv4_address: 10.7.7.34 tmpfs: - /tmp - network_mode: host extra_hosts: - "host.docker.internal:10.7.7.1" - "bbb-web:10.7.7.2" @@ -353,8 +355,6 @@ services: networks: bbb-net: ipv4_address: 10.7.7.32 - extra_hosts: - - "nginx:10.7.7.1" {{ if isTrue .Env.DEV_MODE }} user: ${BBB_DEV_UID}:${BBB_DEV_GID} @@ -512,7 +512,7 @@ services: DATABASE_URL: postgres://postgres:${POSTGRESQL_SECRET:-password}@postgres:5432/greenlight REDIS_URL: redis://redis:6379 {{ if $ignore_tls_cert_errors }} - BIGBLUEBUTTON_ENDPOINT: http://10.7.7.1:48083/bigbluebutton/api + BIGBLUEBUTTON_ENDPOINT: http://10.7.7.34:48083/bigbluebutton/api {{else}} BIGBLUEBUTTON_ENDPOINT: https://${DOMAIN}/bigbluebutton/api {{end}} diff --git a/docs/existing-web-server.md b/docs/existing-web-server.md index adf2ff82..4ca3f09a 100644 --- a/docs/existing-web-server.md +++ b/docs/existing-web-server.md @@ -8,7 +8,17 @@ You could dedicate a virtual host to BigBlueButton, allowing external access to ## Installation 1. Install BigBlueButton Docker [as explained above](#install). While running the setup script, please choose `n` when you're asked the following question: `Should an automatic HTTPS Proxy be included? (y/n)`. -2. Now all the required Docker containers should be running. BigBlueButton listens to port 48087. Create a virtual host by which BigBlueButton will be publicly accessible (in this case, let's assume the following server name for the virtual host: `bbb.example.com`). Enable SSL for the new _https_ virtual host. Make sure that the SSL certificate you will be using is signed by a CA (Certificate Authority). You could generate an SSL certificate for free using Let's Encrypt. It is suggested to add some directives to the _http_ virtual host `bbb.example.com` to redirect all requests to the _https_ one. +2. Now all the required Docker containers should be running. BigBlueButton listens to port 48087 (among others, but 48087 is intended for external reverse proxies). By default, the port is only opened on the internal bbb-net network created by docker-compose, so either your reverse proxy should run within the same docker-compose file or otherwise have access to the network, or the port should be made available on the host system by adding something like: + ``` + ports: + - "127.0.0.1:48087:48087 + - "[::1]:48087:48087 + ``` + In the `nginx` container config in `docker-compose.yml`. + + The rest of this document assumes you did the latter. + +3. Create a virtual host by which BigBlueButton will be publicly accessible (in this case, let's assume the following server name for the virtual host: `bbb.example.com`). Enable SSL for the new _https_ virtual host. Make sure that the SSL certificate you will be using is signed by a CA (Certificate Authority). You could generate an SSL certificate for free using Let's Encrypt. It is suggested to add some directives to the _http_ virtual host `bbb.example.com` to redirect all requests to the _https_ one. At this point, choose one of the following sections according to which Web server you're running ([Apache](#integration-with-apache)). diff --git a/docs/network-config.md b/docs/network-config.md index 1e437a98..d9a58ef7 100644 --- a/docs/network-config.md +++ b/docs/network-config.md @@ -7,7 +7,7 @@ Services as configured. | html5-dev | network_mode: host | | | bbb-web | bbb-net | 10.7.7.2 | | freeswitch| bbb-net | 10.7.7.10 | -| nginx | network_mode: host | | +| nginx | bbb-net | 10.7.7.34 | | etherpad | bbb-net | 10.7.7.4 | | bbb-pads | bbb-net | 10.7.7.18 | | bbb-export-annotations | bbb-net | 10.7.7.19 | diff --git a/mod/haproxy/haproxy.cfg b/mod/haproxy/haproxy.cfg index a66c2dd8..eb95d569 100644 --- a/mod/haproxy/haproxy.cfg +++ b/mod/haproxy/haproxy.cfg @@ -73,8 +73,8 @@ backend turn backend nginx mode tcp - server localhost 10.7.7.1:48081 send-proxy check + server localhost 10.7.7.34:48081 send-proxy check backend nginx-http2 mode tcp - server localhost 10.7.7.1:48082 send-proxy check + server localhost 10.7.7.34:48082 send-proxy check diff --git a/mod/nginx/bigbluebutton b/mod/nginx/bigbluebutton index 58c5b20f..a7ff2f02 100644 --- a/mod/nginx/bigbluebutton +++ b/mod/nginx/bigbluebutton @@ -70,8 +70,7 @@ upstream hasura { # server 127.0.0.1:8086; } server { - listen 10.7.7.1:8185; - listen 127.0.0.1:8185; + listen 8185; root /var/www/html; From 6310b1b34f096101918ec8c57c5f7b96ebf186d6 Mon Sep 17 00:00:00 2001 From: Matthijs Kooijman Date: Sun, 14 Sep 2025 17:40:42 +0200 Subject: [PATCH 07/17] Do not use network_mode: host for haproxy This is not really needed, haproxy only needs to expose two ports externally, so better to make that explicit using a ports directive, which also gives the user more control. --- docker-compose.tmpl.yml | 7 ++++++- docs/network-config.md | 2 +- mod/nginx/nginx.conf | 4 ++-- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/docker-compose.tmpl.yml b/docker-compose.tmpl.yml index 1fb0d918..8570eafc 100644 --- a/docker-compose.tmpl.yml +++ b/docker-compose.tmpl.yml @@ -479,7 +479,12 @@ services: - IGNORE_TLS_CERT_ERRORS={{$ignore_tls_cert_errors}} - CERT1=${DOMAIN} - EMAIL=${LETSENCRYPT_EMAIL} - network_mode: host + ports: + - 80:80 + - 443:443 + networks: + bbb-net: + ipv4_address: 10.7.7.35 {{end}} # coturn diff --git a/docs/network-config.md b/docs/network-config.md index d9a58ef7..cc0d757a 100644 --- a/docs/network-config.md +++ b/docs/network-config.md @@ -23,7 +23,7 @@ Services as configured. | recordings | bbb-net | 10.7.7.16 | | bbb-webrtc-recorder | network_mode: host | | | webhooks | bbb-net | 10.7.7.17 | -| haproxy | network_mode: host | | +| haproxy | bbb-net | 10.7.7.35 | | coturn | network_mode: host | | | greenlight | bbb-net | 10.7.7.21 | | postgres | bbb-net | 10.7.7.22 | diff --git a/mod/nginx/nginx.conf b/mod/nginx/nginx.conf index 270b9eae..fbc8cdc4 100644 --- a/mod/nginx/nginx.conf +++ b/mod/nginx/nginx.conf @@ -40,13 +40,13 @@ http { listen 48083 http2; location /bigbluebutton/api/join { - return 301 https://10.7.7.1$request_uri; + return 301 https://10.7.7.35$request_uri; } location /bigbluebutton/api { proxy_pass http://127.0.0.1:48087; } location / { - return 301 https://10.7.7.1$request_uri; + return 301 https://10.7.7.35$request_uri; } } From bb9e7ae23cb12df75d8879c0f3caf5229a09f474 Mon Sep 17 00:00:00 2001 From: Matthijs Kooijman Date: Sun, 14 Sep 2025 18:32:58 +0200 Subject: [PATCH 08/17] Add missing volume mounts for coturn and redis These directories were marked as volumes in their dockerfile, but nothing was explicitly mounted on them. This makes docker create an unnamed volume and mount that when the container is created, which means that on every down/up cycle, it would leave two unnamed volumes lingering around. Explicitly mounting these data directories prevents this. --- docker-compose.tmpl.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docker-compose.tmpl.yml b/docker-compose.tmpl.yml index 7f8acd19..ea1ca906 100644 --- a/docker-compose.tmpl.yml +++ b/docker-compose.tmpl.yml @@ -207,6 +207,8 @@ services: networks: bbb-net: ipv4_address: 10.7.7.5 + volumes: + - ./data/redis:/data webrtc-sfu: build: @@ -495,6 +497,7 @@ services: - "--relay-ip=${EXTERNAL_IPv6:-::1}" volumes: - ./mod/coturn/turnserver.conf:/etc/coturn/turnserver.conf + - ./data/coturn:/var/lib/coturn network_mode: host From 5e7880fe19c3984a7704ec45da9b1c95bef95250 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Sat, 27 Sep 2025 00:36:27 +0200 Subject: [PATCH 09/17] Introduced variables to deactivate Collabora and Coturn container to be able to use external services --- docker-compose.tmpl.yml | 10 ++++++++-- sample.env | 13 +++++++++++++ scripts/generate-compose | 2 ++ 3 files changed, 23 insertions(+), 2 deletions(-) diff --git a/docker-compose.tmpl.yml b/docker-compose.tmpl.yml index 7f8acd19..a411f840 100644 --- a/docker-compose.tmpl.yml +++ b/docker-compose.tmpl.yml @@ -35,7 +35,9 @@ services: - redis - etherpad - bbb-pads + {{ if isTrue .Env.ENABLE_COLLABORA }} - collabora + {{ end }} healthcheck: test: wget --no-proxy --no-verbose --tries=1 --spider http://10.7.7.2:8090/bigbluebutton/api || exit 1 start_period: 2m @@ -150,7 +152,9 @@ services: restart: unless-stopped depends_on: - redis + {{ if isTrue .Env.ENABLE_COLLABORA }} - collabora + {{ end }} environment: ETHERPAD_API_KEY: ${ETHERPAD_API_KEY} networks: @@ -366,6 +370,7 @@ services: - ./.cache/go-build:/.cache/go-build:rw {{ end }} +{{ if isTrue .Env.ENABLE_COLLABORA }} collabora: image: collabora/code:latest restart: unless-stopped @@ -377,7 +382,7 @@ services: # disable logging (way to verbose) logging: driver: none - +{{ end }} periodic: build: mod/periodic @@ -482,6 +487,7 @@ services: network_mode: host {{end}} +{{ if isTrue .Env.ENABLE_COTURN }} # coturn coturn: image: coturn/coturn:4.6-alpine @@ -496,7 +502,7 @@ services: volumes: - ./mod/coturn/turnserver.conf:/etc/coturn/turnserver.conf network_mode: host - +{{end}} {{ if isTrue .Env.ENABLE_GREENLIGHT }} # greenlight diff --git a/sample.env b/sample.env index 99b654ec..f717d9f0 100644 --- a/sample.env +++ b/sample.env @@ -12,6 +12,19 @@ LETSENCRYPT_EMAIL=test@example.net # https://docs.bigbluebutton.org/greenlight/gl-overview.html ENABLE_GREENLIGHT=true + +# Collabora +# Enable Collabora service +# Deactivate if you use an external coturn server +# https://www.collaboraonline.com/ +ENABLE_COLLABORA=true + +# Coturn +# Enable Coturn service +# Deactivate if you use an external coturn server +# https://github.com/coturn/coturn +ENABLE_COTURN=true + # Enable Webhooks # used by some integrations #ENABLE_WEBHOOKS=true diff --git a/scripts/generate-compose b/scripts/generate-compose index 54617dcf..0fd92457 100755 --- a/scripts/generate-compose +++ b/scripts/generate-compose @@ -59,6 +59,8 @@ docker run \ -e ENABLE_HTTPS_PROXY=${ENABLE_HTTPS_PROXY:-false} \ -e ENABLE_WEBHOOKS=${ENABLE_WEBHOOKS:-false} \ -e ENABLE_GREENLIGHT=${ENABLE_GREENLIGHT:-false} \ + -e ENABLE_COTURN=${ENABLE_COTURN:-true} \ + -e ENABLE_COLLABORA=${ENABLE_COLLABORA:-true} \ -e ENABLE_PROMETHEUS_EXPORTER=${ENABLE_PROMETHEUS_EXPORTER:-false} \ -e ENABLE_PROMETHEUS_EXPORTER_OPTIMIZATION=${ENABLE_PROMETHEUS_EXPORTER_OPTIMIZATION:-false} \ jwilder/dockerize -template /docker-compose.tmpl.yml \ From b8de2a38e2895085727ec1f46d69137939d54987 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Sat, 27 Sep 2025 01:00:30 +0200 Subject: [PATCH 10/17] Make Collabora service URL configurable via COLLABORA_URL env variable across docker-compose, office-convert.sh, etherpad-export.sh, and sample.env --- docker-compose.tmpl.yml | 2 ++ mod/bbb-web/office-convert.sh | 2 +- mod/etherpad/etherpad-export.sh | 2 +- sample.env | 1 + 4 files changed, 5 insertions(+), 2 deletions(-) diff --git a/docker-compose.tmpl.yml b/docker-compose.tmpl.yml index a411f840..b60038c8 100644 --- a/docker-compose.tmpl.yml +++ b/docker-compose.tmpl.yml @@ -54,6 +54,7 @@ services: TURN_EXT_SERVER: ${TURN_EXT_SERVER:-} TURN_EXT_SECRET: ${TURN_EXT_SECRET:-} ENABLE_LEARNING_DASHBOARD: ${ENABLE_LEARNING_DASHBOARD:-true} + COLLABORA_URL: ${COLLABORA_URL:-https://collabora:9980/cool} volumes: - ./data/bigbluebutton:/var/bigbluebutton - ./data/freeswitch-meetings:/var/freeswitch/meetings @@ -157,6 +158,7 @@ services: {{ end }} environment: ETHERPAD_API_KEY: ${ETHERPAD_API_KEY} + COLLABORA_URL: ${COLLABORA_URL:-https://collabora:9980/cool} networks: bbb-net: ipv4_address: 10.7.7.4 diff --git a/mod/bbb-web/office-convert.sh b/mod/bbb-web/office-convert.sh index f896bfc5..ee88b34f 100755 --- a/mod/bbb-web/office-convert.sh +++ b/mod/bbb-web/office-convert.sh @@ -31,6 +31,6 @@ timeoutSecs="${timeoutSecs:0:3}" # The timeout is important. -timeout $(printf %03d $timeoutSecs)s curl -F "data=@${source}" -k https://collabora:9980/cool/convert-to/$convertTo > "${dest}" +timeout $(printf %03d $timeoutSecs)s curl -F "data=@${source}" -k $COLLABORA_URL/convert-to/$convertTo > "${dest}" exit 0 diff --git a/mod/etherpad/etherpad-export.sh b/mod/etherpad/etherpad-export.sh index 6bf6e672..0ebd7331 100755 --- a/mod/etherpad/etherpad-export.sh +++ b/mod/etherpad/etherpad-export.sh @@ -4,6 +4,6 @@ dest="$(echo $8 | sed -E -e 's/html|odt/'$7'/')" convertTo="$7" -curl -v -F "data=@${src}" -k https://collabora:9980/cool/convert-to/$convertTo > "${dest}" +curl -v -F "data=@${src}" -k $COLLABORA_URL/convert-to/$convertTo > "${dest}" exit 0 \ No newline at end of file diff --git a/sample.env b/sample.env index f717d9f0..1cc1fc21 100644 --- a/sample.env +++ b/sample.env @@ -18,6 +18,7 @@ ENABLE_GREENLIGHT=true # Deactivate if you use an external coturn server # https://www.collaboraonline.com/ ENABLE_COLLABORA=true +COLLABORA_URL=https://collabora:9980/cool # Coturn # Enable Coturn service From 222e728da90a139090a012b880ef668e4e94d2b6 Mon Sep 17 00:00:00 2001 From: Timo Schwarzer Date: Tue, 7 Oct 2025 20:54:39 +0200 Subject: [PATCH 11/17] Add restart policy to HAProxy container --- docker-compose.tmpl.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/docker-compose.tmpl.yml b/docker-compose.tmpl.yml index 7f8acd19..58247315 100644 --- a/docker-compose.tmpl.yml +++ b/docker-compose.tmpl.yml @@ -471,6 +471,7 @@ services: haproxy: build: mod/haproxy image: alangecker/bbb-haproxy:2.8.10 + restart: unless-stopped volumes: - ./data/haproxy/letsencrypt:/etc/letsencrypt - ./mod/haproxy/haproxy.cfg:/etc/haproxy/haproxy.cfg From d71f857276b072b993efd1f0fc1fd95a1434dbe9 Mon Sep 17 00:00:00 2001 From: chandi Date: Sat, 10 Jan 2026 00:20:18 +0100 Subject: [PATCH 12/17] BigBlueButton v3.0.4 -> v3.0.19 --- docker-compose.tmpl.yml | 18 ++++---- mod/base-java/Dockerfile | 2 +- .../config/settings.json | 8 ++-- mod/bbb-graphql-server/entrypoint.sh | 4 +- mod/bbb-pads/Dockerfile | 2 +- mod/bbb-web/Dockerfile | 15 +++--- mod/bbb-web/bbb-web.properties | 4 +- mod/bbb-web/entrypoint.sh | 2 +- mod/bbb-web/run-in-systemd.sh | 10 ++++ mod/bbb-webrtc-recorder/Dockerfile | 2 +- mod/etherpad/Dockerfile | 2 +- mod/nginx/Dockerfile | 2 +- mod/nginx/bbb/bbb-html5.nginx | 8 ++++ mod/nginx/bbb/graphql.nginx | 46 ++++++++++++++++--- mod/nginx/bbb/web.nginx | 4 ++ mod/recordings/Dockerfile | 33 ++++++------- mod/recordings/entrypoint.sh | 2 +- mod/recordings/supervisord.conf | 12 ++--- repos/bbb-pads | 2 +- repos/bbb-playback | 2 +- repos/bbb-webhooks | 2 +- repos/bbb-webrtc-recorder | 2 +- repos/bbb-webrtc-sfu | 2 +- repos/bigbluebutton | 2 +- repos/tags | 12 ++--- scripts/generate-compose | 2 +- 26 files changed, 129 insertions(+), 73 deletions(-) create mode 100755 mod/bbb-web/run-in-systemd.sh diff --git a/docker-compose.tmpl.yml b/docker-compose.tmpl.yml index 9fa1e811..7ea0f234 100644 --- a/docker-compose.tmpl.yml +++ b/docker-compose.tmpl.yml @@ -119,7 +119,7 @@ services: args: BBB_BUILD_TAG: {{ .Env.BBB_BUILD_TAG }} TAG_BBB: {{ .Env.TAG_BBB }} - image: alangecker/bbb-docker-nginx:{{ .Env.TAG_BBB }}-{{ .Env.TAG_PLAYBACK }}-1.25 + image: alangecker/bbb-docker-nginx:{{ .Env.TAG_BBB }}-{{ .Env.TAG_PLAYBACK }}-1.29 restart: unless-stopped volumes: - ./data/bigbluebutton:/var/bigbluebutton @@ -148,8 +148,8 @@ services: - plugin=./repos/bbb-etherpad-plugin - skin=./repos/bbb-etherpad-skin args: - TAG_ETHERPAD: "2.2.7" - image: alangecker/bbb-docker-etherpad:2.2.7-s{{ .Env.COMMIT_ETHERPAD_SKIN }}-p{{ .Env.COMMIT_ETHERPAD_PLUGIN }} + TAG_ETHERPAD: "2.4.2" + image: alangecker/bbb-docker-etherpad:2.4.2-s{{ .Env.COMMIT_ETHERPAD_SKIN }}-p{{ .Env.COMMIT_ETHERPAD_PLUGIN }} restart: unless-stopped depends_on: - redis @@ -203,7 +203,7 @@ services: - /tmp redis: - image: redis:7.2-alpine + image: redis:8.4-alpine restart: unless-stopped healthcheck: test: ["CMD", "redis-cli", "ping"] @@ -298,7 +298,7 @@ services: - src=./repos/bigbluebutton/bbb-graphql-server args: BBB_BUILD_TAG: {{ .Env.BBB_BUILD_TAG }} - GRAPHQL_ENGINE_TAG: v2.45.0 + GRAPHQL_ENGINE_TAG: v2.48.1 image: alangecker/bbb-docker-graphql-server:{{ .Env.TAG_BBB }} depends_on: - postgres @@ -418,7 +418,7 @@ services: - bbb-conf=./repos/bigbluebutton/bigbluebutton-config args: BBB_BUILD_TAG: {{ .Env.BBB_BUILD_TAG }} - TAG_BBB_PRESENTATION_VIDEO: "5.0.0-beta.2" + TAG_BBB_PRESENTATION_VIDEO: "5.0.0" image: alangecker/bbb-docker-recordings:{{ .Env.TAG_BBB }} restart: unless-stopped depends_on: @@ -479,7 +479,7 @@ services: haproxy: build: mod/haproxy - image: alangecker/bbb-haproxy:2.8.10 + image: alangecker/bbb-haproxy:3.0.9 restart: unless-stopped volumes: - ./data/haproxy/letsencrypt:/etc/letsencrypt @@ -495,7 +495,7 @@ services: {{ if isTrue .Env.ENABLE_COTURN }} # coturn coturn: - image: coturn/coturn:4.6-alpine + image: coturn/coturn:4.8-alpine restart: unless-stopped command: - "--external-ip=${EXTERNAL_IPv4}/${EXTERNAL_IPv4}" @@ -513,7 +513,7 @@ services: {{ if isTrue .Env.ENABLE_GREENLIGHT }} # greenlight greenlight: - image: bigbluebutton/greenlight:v3.5.0 + image: bigbluebutton/greenlight:v3.6.3 restart: unless-stopped env_file: .env depends_on: diff --git a/mod/base-java/Dockerfile b/mod/base-java/Dockerfile index 810feee1..bf0c78b9 100644 --- a/mod/base-java/Dockerfile +++ b/mod/base-java/Dockerfile @@ -2,7 +2,7 @@ FROM eclipse-temurin:17-jre-jammy RUN apt-get update && apt-get install -y \ wget unzip gosu locales \ - imagemagick xpdf-utils curl \ + libmagickcore-extra xpdf-utils curl \ && sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && locale-gen ENV LANG en_US.UTF-8 diff --git a/mod/bbb-export-annotations/config/settings.json b/mod/bbb-export-annotations/config/settings.json index 7fe69f48..294c3be7 100644 --- a/mod/bbb-export-annotations/config/settings.json +++ b/mod/bbb-export-annotations/config/settings.json @@ -32,9 +32,9 @@ } }, "fonts": { - "draw": "/usr/local/share/fonts/CaveatBrush-Regular-2015-09-23.ttf", - "sans": "/usr/local/share/fonts/CrimsonPro[wght]-1.003.ttf", - "serif": "/usr/local/share/fonts/SourceSansPro-Regular-2.045.ttf", - "mono": "/usr/local/share/fonts/SourceCodePro-Regular-2.038.ttf" + "draw": "/usr/local/share/fonts/Shantell_Sans-Tldrawish.woff2", + "sans": "/usr/local/share/fonts/IBMPlexSans-Medium.woff2", + "serif": "/usr/local/share/fonts/IBMPlexSerif-Medium.woff2", + "mono": "/usr/local/share/fonts/IBMPlexMono-Medium.woff2" } } \ No newline at end of file diff --git a/mod/bbb-graphql-server/entrypoint.sh b/mod/bbb-graphql-server/entrypoint.sh index 096d49cd..f14e2f49 100755 --- a/mod/bbb-graphql-server/entrypoint.sh +++ b/mod/bbb-graphql-server/entrypoint.sh @@ -11,9 +11,9 @@ export HASURA_GRAPHQL_DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWO export HASURA_GRAPHQL_METADATA_DATABASE_URL=postgres://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/hasura_app export HASURA_GRAPHQL_LOG_LEVEL=warn export HASURA_GRAPHQL_ENABLE_CONSOLE=false -export HASURA_GRAPHQL_LIVE_QUERIES_MULTIPLEXED_REFETCH_INTERVAL=250 +export HASURA_GRAPHQL_LIVE_QUERIES_MULTIPLEXED_REFETCH_INTERVAL=333 export HASURA_GRAPHQL_LIVE_QUERIES_MULTIPLEXED_BATCH_SIZE=1000 -export HASURA_GRAPHQL_STREAMING_QUERIES_MULTIPLEXED_REFETCH_INTERVAL=100 +export HASURA_GRAPHQL_STREAMING_QUERIES_MULTIPLEXED_REFETCH_INTERVAL=150 export HASURA_GRAPHQL_STREAMING_QUERIES_MULTIPLEXED_BATCH_SIZE=1000 export HASURA_GRAPHQL_SERVER_PORT=8085 export HASURA_GRAPHQL_ENABLE_TELEMETRY=false diff --git a/mod/bbb-pads/Dockerfile b/mod/bbb-pads/Dockerfile index fa6762c3..e3663665 100644 --- a/mod/bbb-pads/Dockerfile +++ b/mod/bbb-pads/Dockerfile @@ -1,7 +1,7 @@ FROM node:22-bookworm-slim AS builder COPY --from=src / /bbb-pads -RUN cd /bbb-pads && rm -r .git && npm install --production +RUN cd /bbb-pads && npm install --production RUN chmod 777 /bbb-pads/config diff --git a/mod/bbb-web/Dockerfile b/mod/bbb-web/Dockerfile index e5fefa59..5a080759 100644 --- a/mod/bbb-web/Dockerfile +++ b/mod/bbb-web/Dockerfile @@ -16,10 +16,12 @@ RUN cd /bbb-common-web && ./deploy.sh COPY --from=src-web / /bbb-web # compile bbb-web -RUN cd /bbb-web && grails assemble +RUN cd /bbb-web && sh ./gradlew assemble # compile pres-checker -RUN cd /bbb-web/pres-checker && gradle resolveDeps +RUN cd /bbb-web/pres-checker && gradle jar +RUN mkdir -p /bbb-web/pres-checker/lib && find /bbb-web/pres-checker && \ + cp /bbb-web/pres-checker/build/libs/bbb-pres-check-0.0.1.jar /bbb-web/pres-checker/lib # extract .war RUN unzip -q /bbb-web/build/libs/bigbluebutton-0.10.0.war -d /dist @@ -32,10 +34,10 @@ FROM alangecker/bbb-docker-base-java RUN mkdir -p /usr/share/bigbluebutton/blank \ && cd /usr/share/bigbluebutton/blank \ && wget \ - https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.4.0/bigbluebutton-config/slides/blank-svg.svg \ - https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.4.0/bigbluebutton-config/slides/blank-thumb.png \ - https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.4.0/bigbluebutton-config/slides/blank-presentation.pdf \ - https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v2.4.0/bigbluebutton-config/slides/blank-png.png \ + https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v3.0.19/bigbluebutton-config/slides/blank-svg.svg \ + https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v3.0.19/bigbluebutton-config/slides/blank-thumb.png \ + https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v3.0.19/bigbluebutton-config/slides/blank-presentation.pdf \ + https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v3.0.19/bigbluebutton-config/slides/blank-png.png \ && sed -i 's///g' /etc/ImageMagick-6/policy.xml \ && sed -i '/potrace/d' /etc/ImageMagick-6/delegates.xml @@ -53,5 +55,6 @@ COPY bbb-web.properties /etc/bigbluebutton/bbb-web.properties.tmpl COPY turn-stun-servers.xml /etc/bigbluebutton/turn-stun-servers.xml.tmpl COPY logback.xml /usr/share/bbb-web/WEB-INF/classes/logback.xml COPY office-convert.sh /usr/share/bbb-libreoffice-conversion/convert.sh +COPY run-in-systemd.sh /usr/share/bbb-web/run-in-systemd.sh ENTRYPOINT ["/entrypoint.sh"] diff --git a/mod/bbb-web/bbb-web.properties b/mod/bbb-web/bbb-web.properties index 7dc9d15e..7c653cdc 100644 --- a/mod/bbb-web/bbb-web.properties +++ b/mod/bbb-web/bbb-web.properties @@ -14,9 +14,7 @@ securitySalt={{ .Env.SHARED_SECRET }} redisHost=redis {{ if isTrue .Env.IGNORE_TLS_CERT_ERRORS }} -beans.presentationService.defaultUploadedPresentation=https://test27.bigbluebutton.org/default.pdf -# fetch presentations without HTTPS -presentationBaseURL=http://{{ .Env.DOMAIN }}/bigbluebutton/presentation +beans.presentationService.defaultUploadedPresentation=https://raw.githubusercontent.com/bigbluebutton/bigbluebutton/v3.0.19/bigbluebutton-config/assets/default.pdf {{else}} beans.presentationService.defaultUploadedPresentation=${bigbluebutton.web.serverURL}/default.pdf {{end}} diff --git a/mod/bbb-web/entrypoint.sh b/mod/bbb-web/entrypoint.sh index 7c9506b5..f9182f23 100755 --- a/mod/bbb-web/entrypoint.sh +++ b/mod/bbb-web/entrypoint.sh @@ -26,6 +26,6 @@ cd /usr/share/bbb-web/ dockerize \ -template /etc/bigbluebutton/bbb-web.properties.tmpl:/etc/bigbluebutton/bbb-web.properties \ -template /etc/bigbluebutton/turn-stun-servers.xml.tmpl:/etc/bigbluebutton/turn-stun-servers.xml \ - gosu bigbluebutton java -Dgrails.env=prod -Dserver.address=0.0.0.0 -Dserver.port=8090 -Dspring.main.allow-circular-references=true -Xms384m -Xmx384m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/bigbluebutton/diagnostics -cp WEB-INF/lib/*:/:WEB-INF/classes/:. org.springframework.boot.loader.WarLauncher + gosu bigbluebutton java -Dgrails.env=prod -Dserver.address=0.0.0.0 -Dserver.port=8090 -Dspring.main.allow-circular-references=true -Xms384m -Xmx384m -XX:+HeapDumpOnOutOfMemoryError -XX:HeapDumpPath=/var/bigbluebutton/diagnostics -cp WEB-INF/lib/*:/:WEB-INF/classes/:. org.springframework.boot.loader.launch.WarLauncher diff --git a/mod/bbb-web/run-in-systemd.sh b/mod/bbb-web/run-in-systemd.sh new file mode 100755 index 00000000..79018d10 --- /dev/null +++ b/mod/bbb-web/run-in-systemd.sh @@ -0,0 +1,10 @@ +#!/bin/sh -e + +# bbb-web requires a script under /usr/share/bbb-web/run-in-systemd.sh to run certain tasks +# this is used for sandboxing, which is in our case a bit more difficult, because +# we run it without systemd in an unprivileged container, with currently no extra sandboxing capabilities + +# TODO: exploring better ways! (e. g. firejail) + +timeout_secs="$1"; shift +exec timeout "${timeout_secs}" "$@" \ No newline at end of file diff --git a/mod/bbb-webrtc-recorder/Dockerfile b/mod/bbb-webrtc-recorder/Dockerfile index d7d7e4bc..61fd2521 100644 --- a/mod/bbb-webrtc-recorder/Dockerfile +++ b/mod/bbb-webrtc-recorder/Dockerfile @@ -1,5 +1,5 @@ # Build stage -FROM golang:1.23 as builder +FROM golang:1.25 as builder ARG APP_VERSION=devel ARG GOMOD=github.com/bigbluebutton/bbb-webrtc-recorder diff --git a/mod/etherpad/Dockerfile b/mod/etherpad/Dockerfile index 705867cd..1633561d 100644 --- a/mod/etherpad/Dockerfile +++ b/mod/etherpad/Dockerfile @@ -8,7 +8,7 @@ RUN apk add git curl USER etherpad RUN pnpm run plugins i \ - ep_disable_chat@0.0.10 \ + ep_disable_chat@0.0.13 \ ep_auth_session@1.1.1 \ --github \ mconf/ep_cursortrace#56fb8c2b211cdda4fc8715ec99e1cb7b7d9eb851 \ diff --git a/mod/nginx/Dockerfile b/mod/nginx/Dockerfile index 5ef24887..47fc2be6 100644 --- a/mod/nginx/Dockerfile +++ b/mod/nginx/Dockerfile @@ -38,7 +38,7 @@ RUN sed -i "s/VERSION/$BBB_BUILD_TAG/g" /source/dist/index.html && \ # -------------------- -FROM nginx:1.27-alpine +FROM nginx:1.29-alpine COPY --from=builder-learning-dashboard /bbb-learning-dashboard/build /www/learning-analytics-dashboard/ COPY --from=builder-playback /bbb-playback/build /www/playback/presentation/2.3 diff --git a/mod/nginx/bbb/bbb-html5.nginx b/mod/nginx/bbb/bbb-html5.nginx index e62c0470..fc73a84a 100644 --- a/mod/nginx/bbb/bbb-html5.nginx +++ b/mod/nginx/bbb/bbb-html5.nginx @@ -11,3 +11,11 @@ location /html5client/locales { autoindex on; autoindex_format json; } + +location /html5client/wasm { + types { + application/wasm wasm; + } + gzip_static on; + alias /usr/share/bigbluebutton/html5-client/wasm; +} \ No newline at end of file diff --git a/mod/nginx/bbb/graphql.nginx b/mod/nginx/bbb/graphql.nginx index 526ce5ff..be1f8cdf 100644 --- a/mod/nginx/bbb/graphql.nginx +++ b/mod/nginx/bbb/graphql.nginx @@ -8,7 +8,9 @@ location /graphql { proxy_pass http://bbb-graphql-middleware:8378; #Graphql Middleware } -#Set cache system for client settings +#DEPRECATED: +#This endpoint is being replaced by /api/rest/meetingStaticData (which contain clientSettings and more) +#It will be removed in BBB 3.1 location /api/rest/clientSettings { auth_request /bigbluebutton/connection/checkGraphqlAuthorization; auth_request_set $meeting_id $sent_http_meeting_id; @@ -18,13 +20,44 @@ location /api/rest/clientSettings { proxy_cache_use_stale updating; proxy_cache_valid 24h; proxy_cache_lock on; + proxy_cache_lock_timeout 5s; # how long other requests may wait for the first one holding the cache lock + proxy_cache_lock_age 10s; # consider the lock stale after this time (prevents a stuck lock if upstream hangs) + # proxy_cache_background_update on; # optional: serve stale while refreshing the cache in background + + add_header X-Cached $upstream_cache_status; + + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_connect_timeout 3s; # max time to establish TCP connection to Hasura + proxy_send_timeout 15s; # max time to send the request to Hasura + proxy_read_timeout 30s; # max time to wait for Hasura’s response + proxy_set_header Host $host; + proxy_pass http://bbb-graphql-server:8085; #Hasura +} + +#Set cache system for meeting static data +location /api/rest/meetingStaticData { + auth_request /bigbluebutton/connection/checkGraphqlAuthorization; + auth_request_set $meeting_id $sent_http_meeting_id; + + proxy_cache client_settings_cache; + proxy_cache_key "$uri|$meeting_id"; + proxy_cache_use_stale updating; + proxy_cache_valid 24h; + proxy_cache_lock on; + proxy_cache_lock_timeout 5s; # how long other requests may wait for the first one holding the cache lock + proxy_cache_lock_age 10s; # consider the lock stale after this time (prevents a stuck lock if upstream hangs) + # proxy_cache_background_update on; # optional: serve stale while refreshing the cache in background + add_header X-Cached $upstream_cache_status; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; + proxy_set_header Connection ""; + proxy_connect_timeout 3s; # max time to establish TCP connection to Hasura + proxy_send_timeout 15s; # max time to send the request to Hasura + proxy_read_timeout 30s; # max time to wait for Hasura’s response proxy_set_header Host $host; - proxy_pass http://127.0.0.1:8185; #Hasura + proxy_pass http://bbb-graphql-server:8085; #Hasura } location /api/rest/userMetadata { @@ -32,8 +65,7 @@ location /api/rest/userMetadata { auth_request_set $meeting_id $sent_http_meeting_id; proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; + proxy_set_header Connection ""; proxy_set_header Host $host; - proxy_pass http://127.0.0.1:8185; #Hasura + proxy_pass http://bbb-graphql-server:8085; #Hasura } diff --git a/mod/nginx/bbb/web.nginx b/mod/nginx/bbb/web.nginx index 5849527d..d854219e 100755 --- a/mod/nginx/bbb/web.nginx +++ b/mod/nginx/bbb/web.nginx @@ -164,10 +164,14 @@ add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0"; add_header Pragma "no-cache"; add_header Expires "0"; + add_header X-Server-Epoch-Msec $msec; + add_header X-Request-Id $request_id; + # this Header is required for cluster setups as the ping check is a # CORS request. No cookies are required so we can just allow anyone # to use this endpoint. add_header 'Access-Control-Allow-Origin' '*'; + add_header 'Access-Control-Expose-Headers' 'X-Server-Epoch-Msec,X-Request-Id'; return 200 ""; } diff --git a/mod/recordings/Dockerfile b/mod/recordings/Dockerfile index a6223d97..cd6fe872 100644 --- a/mod/recordings/Dockerfile +++ b/mod/recordings/Dockerfile @@ -1,5 +1,19 @@ +ARG BBB_BUILD_TAG +FROM bigbluebutton/bbb-build:$BBB_BUILD_TAG AS builder -FROM ruby:3.0-slim-bullseye +# compile and install mkclean +RUN cd /tmp \ + && wget https://sourceforge.net/projects/matroska/files/mkclean/mkclean-0.8.10.tar.bz2/download -O mkclean-0.8.10.tar.bz2 \ + && tar -xf /tmp/mkclean-0.8.10.tar.bz2 \ + && cd /tmp/mkclean-0.8.10 \ + && sed -i 's/\r//g' ./mkclean/configure.compiled \ + && ./mkclean/configure.compiled \ + && make -C mkclean \ + && cp ./release/gcc_linux_x64/mkclean /usr/bin/mkclean \ + && rm -r /tmp/mkclean-* + + +FROM ruby:3.2-slim-trixie # install apt dependencies RUN apt-get update && apt-get install -y \ @@ -36,16 +50,7 @@ ENV LC_ALL en_US.UTF-8 ENV LANG en_US.UTF-8 ENV LANGUAGE en_US.UTF-8 -# compile and install mkclean -RUN cd /tmp \ - && wget https://phoenixnap.dl.sourceforge.net/project/matroska/mkclean/mkclean-0.8.10.tar.bz2 \ - && tar -xf /tmp/mkclean-0.8.10.tar.bz2 \ - && cd /tmp/mkclean-0.8.10 \ - && sed -i 's/\r//g' ./mkclean/configure.compiled \ - && ./mkclean/configure.compiled \ - && make -C mkclean \ - && cp ./release/gcc_linux_x64/mkclean /usr/bin/mkclean \ - && rm -r /tmp/mkclean-* +COPY --from=builder /usr/bin/mkclean /usr/bin/mkclean # add dockerize ENV DOCKERIZE_VERSION v0.6.1 @@ -102,17 +107,13 @@ RUN cd /usr/bin \ && sed -i 's/systemctl.*//' /usr/bin/bbb-record \ && echo "BIGBLUEBUTTON_RELEASE=$TAG_RECORDINGS" > /etc/bigbluebutton/bigbluebutton-release -# create user -# the ID should match the one creating the files in `core` -RUN groupadd -g 998 bigbluebutton && useradd -m -u 998 -g bigbluebutton bigbluebutton - # change owner # https://github.com/alangecker/bigbluebutton-docker/issues/63 RUN chown -R 998:998 /usr/local/bigbluebutton ARG TAG_BBB_PRESENTATION_VIDEO RUN cd /tmp/ && \ - wget -q -O bbb-presentation-video.zip "https://github.com/bigbluebutton/bbb-presentation-video/releases/download/${TAG_BBB_PRESENTATION_VIDEO}/ubuntu-20.04.zip" && \ + wget -q -O bbb-presentation-video.zip "https://github.com/bigbluebutton/bbb-presentation-video/releases/download/${TAG_BBB_PRESENTATION_VIDEO}/ubuntu-22.04.zip" && \ unzip -o bbb-presentation-video.zip -d bbb-presentation-video && \ dpkg -i bbb-presentation-video/bbb-presentation-video*.deb && \ rm -rf /tmp/* diff --git a/mod/recordings/entrypoint.sh b/mod/recordings/entrypoint.sh index a62b229c..2a70f42c 100755 --- a/mod/recordings/entrypoint.sh +++ b/mod/recordings/entrypoint.sh @@ -5,7 +5,7 @@ touch /var/log/bigbluebutton/bbb-web.log touch /var/log/bigbluebutton/sanity.log touch /var/log/bigbluebutton/post_publish.log mkdir -p /var/log/bigbluebutton/presentation -chown -R bigbluebutton:bigbluebutton /var/log/bigbluebutton +chown -R 998:998 /var/log/bigbluebutton dockerize \ -template /etc/bigbluebutton/recording/recording.yml.tmpl:/etc/bigbluebutton/recording/recording.yml \ diff --git a/mod/recordings/supervisord.conf b/mod/recordings/supervisord.conf index 22e456d3..168999d2 100644 --- a/mod/recordings/supervisord.conf +++ b/mod/recordings/supervisord.conf @@ -4,8 +4,8 @@ user=root [program:rasque_workers] command=bundle exec rake -f Rakefile resque:workers directory=/usr/local/bigbluebutton/core/scripts -environment=QUEUE="rap:archive,rap:publish,rap:process,rap:sanity,rap:captions,rap:events",COUNT="1",HOME="/home/bigbluebutton" -user=bigbluebutton +environment=QUEUE="rap:archive,rap:publish,rap:process,rap:sanity,rap:captions,rap:events",COUNT="1",HOME="/tmp" +user=998 stdout_logfile=/dev/fd/1 stdout_logfile_maxbytes=0 stderr_logfile=/dev/fd/2 @@ -15,8 +15,8 @@ stderr_logfile_maxbytes=0 [program:rap_starter] command=bundle exec ruby /usr/local/bigbluebutton/core/scripts/rap-starter.rb directory=/usr/local/bigbluebutton/core/scripts -environment=HOME="/home/bigbluebutton" -user=bigbluebutton +environment=HOME="/tmp" +user=998 stdout_logfile=/dev/fd/1 stdout_logfile_maxbytes=0 stderr_logfile=/dev/fd/2 @@ -26,8 +26,8 @@ stderr_logfile_maxbytes=0 [program:rap_caption_inbox] command=bundle exec ruby /usr/local/bigbluebutton/core/scripts/rap-caption-inbox.rb directory=/usr/local/bigbluebutton/core/scripts -environment=HOME="/home/bigbluebutton" -user=bigbluebutton +environment=HOME="/tmp" +user=998 stdout_logfile=/dev/fd/1 stdout_logfile_maxbytes=0 stderr_logfile=/dev/fd/2 diff --git a/repos/bbb-pads b/repos/bbb-pads index 724d55c2..e11eeda5 160000 --- a/repos/bbb-pads +++ b/repos/bbb-pads @@ -1 +1 @@ -Subproject commit 724d55c26b1c94ea22a85b0c7e064f57b54875cb +Subproject commit e11eeda573d62d8e35f5733ef151b5ad9b7d595c diff --git a/repos/bbb-playback b/repos/bbb-playback index a2e4676d..317cae1e 160000 --- a/repos/bbb-playback +++ b/repos/bbb-playback @@ -1 +1 @@ -Subproject commit a2e4676d567da3ef0e7bfb18a6815298dd020def +Subproject commit 317cae1e83dcde3f5057d0af71890e42b51bd3ff diff --git a/repos/bbb-webhooks b/repos/bbb-webhooks index 7ed5fdb4..31e1bb70 160000 --- a/repos/bbb-webhooks +++ b/repos/bbb-webhooks @@ -1 +1 @@ -Subproject commit 7ed5fdb4178f8148f1863342827ab42522e12cae +Subproject commit 31e1bb70e06c42be9b386a074f109dc9c7dd947d diff --git a/repos/bbb-webrtc-recorder b/repos/bbb-webrtc-recorder index 95ab45f4..2570fd79 160000 --- a/repos/bbb-webrtc-recorder +++ b/repos/bbb-webrtc-recorder @@ -1 +1 @@ -Subproject commit 95ab45f4c7ce29909b217d94ceb33bbbcb5b5508 +Subproject commit 2570fd79b79bce872a19847f60559870173b6258 diff --git a/repos/bbb-webrtc-sfu b/repos/bbb-webrtc-sfu index e5a4bab5..70b6a29f 160000 --- a/repos/bbb-webrtc-sfu +++ b/repos/bbb-webrtc-sfu @@ -1 +1 @@ -Subproject commit e5a4bab5bd2cbd006ef2f144d27bd4ae28cfb953 +Subproject commit 70b6a29f045a8ffb6c49d6e9d155899f8cd1c2d2 diff --git a/repos/bigbluebutton b/repos/bigbluebutton index ef2dda43..69f45aa1 160000 --- a/repos/bigbluebutton +++ b/repos/bigbluebutton @@ -1 +1 @@ -Subproject commit ef2dda435ebf190fc7573293a2099f902a22f1f2 +Subproject commit 69f45aa1b963dc7d80179d0155acc670aec5c4fc diff --git a/repos/tags b/repos/tags index e8b18b09..f2adc554 100644 --- a/repos/tags +++ b/repos/tags @@ -5,10 +5,10 @@ repos/bbb-etherpad-plugin 88f3f6b repos/bbb-etherpad-skin 8328b77 -repos/bbb-pads v1.5.3 -repos/bbb-playback v5.3.1 -repos/bbb-webhooks v3.3.1 -repos/bbb-webrtc-recorder v0.8.0 -repos/bbb-webrtc-sfu v2.17.0-beta.6 -repos/bigbluebutton v3.0.4 +repos/bbb-pads v1.5.6 +repos/bbb-playback v5.4.3 +repos/bbb-webhooks v3.4.0 +repos/bbb-webrtc-recorder v0.13.1 +repos/bbb-webrtc-sfu v2.21.2 +repos/bigbluebutton v3.0.19 repos/freeswitch v1.10.12 diff --git a/scripts/generate-compose b/scripts/generate-compose index 0fd92457..24fafb63 100755 --- a/scripts/generate-compose +++ b/scripts/generate-compose @@ -36,7 +36,7 @@ function get_tag { } # https://hub.docker.com/r/bigbluebutton/bbb-build -BBB_BUILD_TAG=v3.0.x-release +BBB_BUILD_TAG=v3.0.x-release--2025-10-30-133835 docker run \ --rm \ From 801356ee3b8eaec2d06414bdd542dfb954fbe6ee Mon Sep 17 00:00:00 2001 From: chandi Date: Sat, 10 Jan 2026 12:07:53 +0100 Subject: [PATCH 13/17] backwards compatibility for network mode change in #369 --- docker-compose.tmpl.yml | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/docker-compose.tmpl.yml b/docker-compose.tmpl.yml index e363e142..9bb5785a 100644 --- a/docker-compose.tmpl.yml +++ b/docker-compose.tmpl.yml @@ -129,6 +129,17 @@ services: # overwrite html5 config - ./mod/nginx/bbb-html5.dev.nginx:/etc/nginx/bbb/bbb-html5.nginx:ro {{ end }} + ports: + # make sure nginx ports are also still available under the + # IPs 127.0.0.1 & 10.7.7.1 for backwards compatibility with exiting setup + # Warning: deprecated! this gets removed at some point + # Do not use them for new setups + - "127.0.0.1:48082:48082" + - "127.0.0.1:48081:48081" + - "127.0.0.1:48087:48087" + - "10.7.7.1:48082:48082" + - "10.7.7.1:48081:48081" + - "10.7.7.1:48087:48087" networks: bbb-net: ipv4_address: 10.7.7.34 @@ -568,7 +579,7 @@ services: image: greenstatic/bigbluebutton-exporter:latest restart: unless-stopped environment: - API_BASE_URL: http://10.7.7.1:48087/bigbluebutton/api/ + API_BASE_URL: http://10.7.7.34:48087/bigbluebutton/api/ API_SECRET: ${SHARED_SECRET} RECORDINGS_METRICS_READ_FROM_DISK: "${ENABLE_PROMETHEUS_EXPORTER_OPTIMIZATION:-false}" networks: From da26ac8558908b8b6b5e7c92a59f599ef0a9b65f Mon Sep 17 00:00:00 2001 From: chandi Date: Sat, 10 Jan 2026 12:09:23 +0100 Subject: [PATCH 14/17] deprecation warning: better hint what to use --- docker-compose.tmpl.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.tmpl.yml b/docker-compose.tmpl.yml index 9bb5785a..4f9523b4 100644 --- a/docker-compose.tmpl.yml +++ b/docker-compose.tmpl.yml @@ -133,7 +133,7 @@ services: # make sure nginx ports are also still available under the # IPs 127.0.0.1 & 10.7.7.1 for backwards compatibility with exiting setup # Warning: deprecated! this gets removed at some point - # Do not use them for new setups + # Use 10.7.7.34 for new setups - "127.0.0.1:48082:48082" - "127.0.0.1:48081:48081" - "127.0.0.1:48087:48087" From e773880699d1d1e9b005c96980d8dfef4e234d2d Mon Sep 17 00:00:00 2001 From: chandi Date: Sat, 10 Jan 2026 14:10:09 +0100 Subject: [PATCH 15/17] base-java: fix wrong apt package name --- mod/base-java/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mod/base-java/Dockerfile b/mod/base-java/Dockerfile index bf0c78b9..810feee1 100644 --- a/mod/base-java/Dockerfile +++ b/mod/base-java/Dockerfile @@ -2,7 +2,7 @@ FROM eclipse-temurin:17-jre-jammy RUN apt-get update && apt-get install -y \ wget unzip gosu locales \ - libmagickcore-extra xpdf-utils curl \ + imagemagick xpdf-utils curl \ && sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && locale-gen ENV LANG en_US.UTF-8 From 951a5aa22843b5c2ca7364dd6926727d2c9c72a3 Mon Sep 17 00:00:00 2001 From: chandi Date: Sat, 10 Jan 2026 14:11:32 +0100 Subject: [PATCH 16/17] up-to-date publish script --- scripts/publish | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/scripts/publish b/scripts/publish index 601b787c..6d9ed66c 100755 --- a/scripts/publish +++ b/scripts/publish @@ -4,7 +4,7 @@ set -e cd "$(dirname "$0")/.." # load .env -. functions.sh +. scripts/functions.sh load_env if [ -z "$ENABLE_WEBHOOKS" ]; then @@ -21,8 +21,8 @@ fi # generate compose file ./scripts/generate-compose -# ensure submodules are matching tags.env -./scripts/checkout-submodules +# ensure submodules are correctly checked out +git submodule update # build and push java base image docker build -t alangecker/bbb-docker-base-java:latest mod/base-java @@ -33,16 +33,20 @@ docker compose build # push images docker push alangecker/bbb-docker-base-java:latest docker compose push \ - html5-backend-1 \ - bbb-web \ - freeswitch \ apps-akka \ + bbb-export-annotations \ + bbb-graphql-actions \ + bbb-graphql-middleware \ + bbb-graphql-server \ bbb-pads \ + bbb-web \ + bbb-webrtc-recorder \ etherpad \ fsesl-akka \ - jodconverter \ + haproxy \ nginx \ periodic \ recordings \ webhooks \ - webrtc-sfu + webrtc-sfu \ + freeswitch From bb756e5d6bc5cea52ba3456b756d10725b8856d5 Mon Sep 17 00:00:00 2001 From: chandi Date: Sat, 10 Jan 2026 14:21:58 +0100 Subject: [PATCH 17/17] changelog and version in README --- CHANGELOG.md | 7 +++++++ README.md | 2 +- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8dd1e7a6..f24fc84f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,13 @@ # Changelog ## Unreleased +- update to 3.0.19 @alangecker [#377](https://github.com/bigbluebutton/docker/pull/377) +- Add restart policy to HAProxy container @timoschwarzer [#373](https://github.com/bigbluebutton/docker/pull/373) +- Add enable switches for Collabora and Coturn + make Collabora URL configurable @kevinveenbirkenbach [#372](https://github.com/bigbluebutton/docker/pull/372) +- Add missing volume mounts for coturn and redis + @matthijskooijman [#370](https://github.com/bigbluebutton/docker/pull/370) +- Stop using network_mode: host for nginx and haproxy @ matthijskooijman + [#369](https://github.com/bigbluebutton/docker/pull/369) ## Release v3.0.4 (2025-03-27) - update to 3.0.4 @tibroc [#347](https://github.com/bigbluebutton/docker/pull/347 diff --git a/README.md b/README.md index 1b658ae8..bca0ccec 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@ # 📦 BigBlueButton 3.0 Docker -Version: 3.0.4 | [Changelog](CHANGELOG.md) | [Issues](https://github.com/bigbluebutton/docker/issues) | [Upgrading](docs/upgrading.md) | [Development](docs/development.md) +Version: 3.0.19 | [Changelog](CHANGELOG.md) | [Issues](https://github.com/bigbluebutton/docker/issues) | [Upgrading](docs/upgrading.md) | [Development](docs/development.md) ## Features - Easy installation