Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Script Improvements #1

Open
wants to merge 31 commits into
base: master
Choose a base branch
from
+672 −127
Open

Script Improvements #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
31 commits
Select commit Hold shift + click to select a range
c5ac8b2
Script Improvements
lkiesow Mar 22, 2020
f71d806
Remove User Setup
lkiesow Mar 24, 2020
89d1f76
Restructure Variables
lkiesow Mar 24, 2020
4fdc683
Add Readme
lkiesow Mar 25, 2020
9c3e7ec
Do Not Generate Certificates
lkiesow Mar 25, 2020
92e61a1
Extend readme
lkiesow Mar 25, 2020
048b786
Merge 'upstream/master' to attach license
lkiesow Mar 25, 2020
c85bf9b
Use low quality camera by default
lkiesow Mar 29, 2020
54c30a2
Disable Recording Button
lkiesow Mar 29, 2020
2ebbea1
Workaround: Delete Raw Recordings
lkiesow Mar 29, 2020
dabf903
Add Additional Dependencies
lkiesow Apr 1, 2020
665d03d
Allow multiple hosts and secrets
lkiesow Apr 1, 2020
9f3f082
Switch to inventory_hostname
lkiesow Apr 1, 2020
3585416
Prevent Unnecessary Restarts
lkiesow Apr 1, 2020
3dd78dc
Document how to initialize initial user
lkiesow Jul 29, 2020
3e6a252
Remove workaround services
lkiesow Jul 29, 2020
7a44089
Improve Ansible settings
lkiesow Jul 29, 2020
b80f91d
Update to Greenlight 2.6.5
lkiesow Jul 29, 2020
cc5bc75
Update BigBlueButton
lkiesow Jul 29, 2020
edebc59
Add upgrade script
lkiesow Jul 29, 2020
434cdb6
Mark tests as allowed to fail
lkiesow Jul 29, 2020
5001607
Update to Greenlight 2.7
lkiesow Aug 3, 2020
785898d
Update to Greenlight 2.7.1
lkiesow Aug 9, 2020
18a9b31
Update to Greenlight 2.7.2
lkiesow Sep 1, 2020
fe96c23
Update to Greenlight 2.7.5
lkiesow Sep 28, 2020
746c918
Fix potential upgrade problem
lkiesow Oct 12, 2020
b657996
Update to Greenlight 2.7.7
lkiesow Oct 28, 2020
389aaa8
Drop BigBlueButton core log level
lkiesow Oct 28, 2020
18faed4
Update to Greenlight 2.7.9
lkiesow Nov 28, 2020
d014da7
Mask pgone number
lkiesow Nov 28, 2020
b5e7b65
Update to Greenlight 2.7.11
lkiesow Dec 10, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions ansible.cfg
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,2 +1,6 @@
[defaults]
inventory = hosts.yml
ask_vault_pass = True

[ssh_connection]
pipelining = True
4 changes: 1 addition & 3 deletions bigbluebutton.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,9 +1,7 @@
---

- hosts: server
- hosts: all
become: true
vars_files:
- secret-vars.yml
roles:
- bigbluebutton
- greenlight
2 changes: 0 additions & 2 deletions files/pub-keys/lars.pub
View file
Open in desktop

This file was deleted.

3 changes: 0 additions & 3 deletions files/pub-keys/sven.pub
View file
Open in desktop

This file was deleted.

15 changes: 15 additions & 0 deletions group_vars/all/vars.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
---

secrets:
bbb-test.opencast-niedersachsen.de:
bigbluebutton: '{{ vault_bigbluebutton }}'
greenlight: '{{ vault_greenlight }}'
#sip:
# phone: '{{ vault_sip.phone }}'
# user: '{{ vault_sip.user }}'
# password: '{{ vault_sip.password }}'

container:
greenlight:
image: docker.io/bigbluebutton/greenlight
tag: release-2.7.11
14 changes: 14 additions & 0 deletions group_vars/all/vault.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
$ANSIBLE_VAULT;1.1;AES256
33373132623737623866396565336537306463626435326564383638303938353838653862616163
3065616136363837343139323131353965353935333232640a623938383764326563663165303838
37386661653531343364623662333830313534353535643636393731663164653832393536323433
3464316438346235300a326237613361326565393330613333313435393633656661353962396561
34613831323936303733346638643261373039326431313263356232306361373566373237373730
30353563363139623131663333363164323330323532363830613134353634393837636530323264
66646234326339626533386534653661643736333531363635343737653162363032346162396133
31323836373961383064346164353331393933626434353039316361633730623762613665663132
62353137346530353966313839643435653030393566633466333936353163383131663464666339
61313535376634306437333331343764366531633735346539383039616562376565623934363831
64643762376362643130333264366361336566326166336264653666333832666661343638663436
30336337303136303738653562353131343063343232346438396533626338343438616135346465
3562
5 changes: 3 additions & 2 deletions hosts.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
server:
all:
hosts:
video.haardiek.org:
bbb-test.opencast-niedersachsen.de:
allow_recording: true
30 changes: 30 additions & 0 deletions readme.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
Ansible Scripts for BigBlueButton
=================================

This repository contains a set of scripts setting up and managing [BigBlueButton](https://bigbluebutton.org).
They are based on a set of [scripts by Sven](https://github.com/shaardie/video.haardiek.org). Thanks, Sven!


Important Notes
---------------

- Right now, the installation works on Ubuntu 16.04 64bit since that is the operation system officially supported.
Anything else will likely not work
- The ansible vault in `group_vars/all/vault.yml` is meant as an example.
The password is `123`.
Reencode it using a proper password.
- Make sure to generate new secrets and encrypt them in the ansible vault at `group_vars/all/vault.yml`.
_Never_ use the vars set in here for production.
- The certificates provided in here are just dummy certificates and will only be deployed if no other certificates are in place.
Once deployed, replace them with valid certificates and reload Nginx.


Initialization
--------------

### Greenlight on Ubuntu 16.04

```sh
# Execute and change the password
% docker exec greenlight-v2 bundle exec rake admin:create
```
2 changes: 1 addition & 1 deletion roles/bigbluebutton/defaults/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
---

skip_distribution_check: false

allow_recording: false
33 changes: 33 additions & 0 deletions roles/bigbluebutton/files/certificate.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,33 @@
-----BEGIN CERTIFICATE-----
MIIFozCCA4ugAwIBAgIUQCh76DvcL1n4rdoAT9eOuFnjiA8wDQYJKoZIhvcNAQEL
BQAwYTELMAkGA1UEBhMCREUxFTATBgNVBAcMDERlZmF1bHQgQ2l0eTEcMBoGA1UE
CgwTRGVmYXVsdCBDb21wYW55IEx0ZDEdMBsGA1UEAwwUZXhhbXBsZS5vcGVuY2Fz
dC5vcmcwHhcNMTkwMTEwMTcyOTUwWhcNMTkwMTExMTcyOTUwWjBhMQswCQYDVQQG
EwJERTEVMBMGA1UEBwwMRGVmYXVsdCBDaXR5MRwwGgYDVQQKDBNEZWZhdWx0IENv
bXBhbnkgTHRkMR0wGwYDVQQDDBRleGFtcGxlLm9wZW5jYXN0Lm9yZzCCAiIwDQYJ
KoZIhvcNAQEBBQADggIPADCCAgoCggIBAON56Nb+MxWCoOmW6KG4+VEHBXJftZ/i
JF+u9IDcktrgWWDrDPO5ithrxCAi+78/1kVoOgv4+F9S5LTENfoHCBNlpYrMBIWl
NF5c4FkE1s2JB2NoBz17PVdFoLKU+SSmrf0q+UgCTsNTdZOw96oF1LMNHe7uejpJ
BbsJjaHQquK+YYgcxop2DZ6rGZLktec6wc9jGF8REz+1gvMEm2vg39MVSRba6YLO
mDBQtLyU0z8M25rCPvo4BltXzDuoZ6D0lua9oCCjzH0HQIDpDc7TgJVi1HxHL8Tz
xTgjRTBGnTNBDzyOnti7LnmldRizicFqqgzpdvpbEyYn5QiZRyzJtMwvlSCLYa9F
qyUVxFiAi09piE8iLEY8FTXydMCRfVxq/k9JNsMRgXGaigl1VKkTjMMHhIAXA/7s
9gypbU0uNtGdogI4AL7g8sObLbvjKUXYHbJdiEB0Rq16i8tSZ4/Od5amorXKwsw7
N1Ztiz5TODcZClA4aNOY4+VOvvY1939Qc1gJh//Tx1phkJIAdGvkWkSDz9hHuZGq
whT8MRoznca5feSvPlm/LkqG6sw9GoiKX/OrTqccPx5CNxonxIBG6Putfl9q7hyZ
yvFXXTj8jfqBfJt4PgTmgtqG9RV7KRtoH32a5zISpOLwnjh4sTaUIvCbT/6ZWRB0
TrZs+Fna2DvjAgMBAAGjUzBRMB0GA1UdDgQWBBRUDK218wLs89AZBq7fjuAyBRvT
iDAfBgNVHSMEGDAWgBRUDK218wLs89AZBq7fjuAyBRvTiDAPBgNVHRMBAf8EBTAD
AQH/MA0GCSqGSIb3DQEBCwUAA4ICAQDSYw2WXaUdUKW+UTJvr3KAShRi3Xic3Axg
eFofPYYEJQkn6bvot1NNX/SblCPXcdVWwHe92JnPE+i0xXSOdfcvx8L05FTkvjlE
gw7nSrlBhNZV1kn3mCzkViKXNL9FjBonhG4hUTKOjEOYs6JHQ9y6Izz9CoUVrxAf
T6uHrjgIlcOGNSKbphHpiVD1dvmzZvyjTfJa7PuqIOZG7fRHPZtnSnUKUQx4Ryuk
OiHYQy7rtwlnqCqnuOOOhes+xlFQSOIxN7v3M/AtoHB0IR3d/wRaoA6lwvJIIxE/
9pbBu8e9hqq9O8sSKwIm1YLD41N2TL8gqU3dCGiOJtYkJDAtNigzqaGovrhhTlAl
gK25INuWcNDBmnnq6lKXGgFX8er3mtQZsdhM572TX2ZB4hRSOqyFd6FGr7ypE4V9
uE1n8Ysdwu5TTFn4Nq6k6P1IwUbSfZ2Jmy2djC7wgSBjtzlJxcfP6K40/B538FpT
qOWZJN877PSmT1zjPMBQQo2bo8of7FtrtrgAKwf7wy9VBOyLvkfv65t4uEc/x4Rx
3uS75BH1y5MnnbuFWgeWNYsAMB3WQTSQ0ALM2cycams9V/d/x9G9y0M7nDvW7Q83
9eb2+rX05jUxxzyRObCr5CACChW4kSVLc5oqIuXr30shYegKLuT7xbYsjyLuGx56
iDp1RvjKYQ==
-----END CERTIFICATE-----
Binary file added roles/bigbluebutton/files/default.pdf
View file
Open in desktop
Binary file not shown.
52 changes: 52 additions & 0 deletions roles/bigbluebutton/files/key.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
-----BEGIN PRIVATE KEY-----
MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQDjeejW/jMVgqDp
luihuPlRBwVyX7Wf4iRfrvSA3JLa4Flg6wzzuYrYa8QgIvu/P9ZFaDoL+PhfUuS0
xDX6BwgTZaWKzASFpTReXOBZBNbNiQdjaAc9ez1XRaCylPkkpq39KvlIAk7DU3WT
sPeqBdSzDR3u7no6SQW7CY2h0KrivmGIHMaKdg2eqxmS5LXnOsHPYxhfERM/tYLz
BJtr4N/TFUkW2umCzpgwULS8lNM/DNuawj76OAZbV8w7qGeg9JbmvaAgo8x9B0CA
6Q3O04CVYtR8Ry/E88U4I0UwRp0zQQ88jp7Yuy55pXUYs4nBaqoM6Xb6WxMmJ+UI
mUcsybTML5Ugi2GvRaslFcRYgItPaYhPIixGPBU18nTAkX1cav5PSTbDEYFxmooJ
dVSpE4zDB4SAFwP+7PYMqW1NLjbRnaICOAC+4PLDmy274ylF2B2yXYhAdEateovL
UmePzneWpqK1ysLMOzdWbYs+Uzg3GQpQOGjTmOPlTr72Nfd/UHNYCYf/08daYZCS
AHRr5FpEg8/YR7mRqsIU/DEaM53GuX3krz5Zvy5KhurMPRqIil/zq06nHD8eQjca
J8SARuj7rX5fau4cmcrxV104/I36gXybeD4E5oLahvUVeykbaB99mucyEqTi8J44
eLE2lCLwm0/+mVkQdE62bPhZ2tg74wIDAQABAoICAQCXhItwMQ/Lwx/1l5xKpJAE
xb1+CnxLC/GYfkvETafP/OHr6YTODweJ0nZnxYWURSwvPRZ1BRhDPk6yjYM6kFZz
vSAADJbygjEYrZqOEOgXLa/rKc6wyBb6u5kneo1dOVzpJie3LDpUZpIJlzXQXWPp
A9KtZNGrYxpbFCjv4LMCpzcF18zzS2EVD/jP3GHBrGSOA/6mzBPbOscHokj4GWhd
DG+LtrMVexDqFcfdWPBArgrU0Y/rUUgCrb+O+URVdLXS6fnv48sAeMUhWJrm6gBb
AOJyCWSrNohmNTAP0OlCy5IfjwwFZuC1DF2r32Lhn2+3fAbRCbr+jlJDYP2EurIe
kgh9j3UH7gYEaFAx1HGhp/9bZKQv5xiIpbCUshyinix5MUujZ5WY2c1P2ReCOTXb
psH6hf1H5M4stZlk8uBp2cVHLb6CrVfxtuzPAYbKtUpdEdw9QpfMYUMxkmZtwi1O
TuJ7sfpJukTsEZNNu9BnP6WU2Q3MuRoMKYLpqDU1tQitYXgvyjnf5sxsn4qWy+ap
k0pzFkIxl0kX81rH7TtSJQyGKwfGtNIOFA8GnjD39vDy7BbLJ4OMtlwoQVhU3bk8
NUHQRQEiEo49Z5E0AiUnSpcuuo+6WcS2i30rBfeyVm48lBXRtuJJrHGSPY23O58K
8Dfzbc5O+84z2irWkDJjWQKCAQEA9YAYIiPN9c45bJw3+W7/v14p3qAFMrQCZZKC
EU8Ht177pa4uE59hSDXZautONiHssOwdYKKOGNAf4I87WvuAQZNfjAv/521/Zqli
82el0R9jfEhpNFMHvRVIHVoXuAuAPzF96sPvgHc94nh/yw5x73mWm67Qt2wh8U/i
uQAW7q2s1Td9uD9ot2EUawcvP6sSx+OKnXb/1MpwaGZu14yV8YorUceWyVB8tYHw
6AtuVOo6lek+VdxztI9tHCHq0wDkkUxVf9WSIlDAtEsDXL7PznYAYz7E/4pUfDfO
holeTzGRuMDMQY1BtVuMvRVm5BHdBlAMmzhu+DRbyofl5nUXdQKCAQEA7TR5dcVC
HCUV8P4UCGUnF0Q0beW6992uaKnofSiq22x5XbTsummrmQAKfoTx+zDJO8eFsaYw
rVxDATxaz+8L73V5cdLh3nDbnSEmpaeS7Pp1fW9ZDdoAnu3pzs5m7joepfnVKARI
XiuwSFDzzD4XDZBMxsDQt4taywQmIua61BpTRC+o9/0aVKafvoR8xJoM2lp7akuI
ChYecwRWqlsZByergRK0RbrJvdbhmZ3aewe1AfCKneSsaDMa5SA0XGU/1fIAfsoI
hkP8O8uBJ/T442qTKqJXB1SR4wzyxVc5Ip0yjcOtVFIWzBxFu2jVQcpTIKHtxY+K
R09sXEvvzKry9wKCAQA4RapCeQ6Gn0SOXqh95jF8/ep++xL18kjyW0ixCvprz7vC
2E/7c3brBFzXoyQESHZmf1ikg94qVdpYsLwcOLXHUi5+fWmk9HZVY9IolMNvUdCN
9lMXCUkm0C/9el8hcpFs6r1ACLVnLu3icVhphOAc0jPxb3qr8H8/Pt5rJVgcUXbi
UJvilbY9AmWZusXbxCzD4KYvPc2aSuTFKWWSxsi/2rnfPu6TKn3LZQOBTM13bVEM
d7AwIh3rb0zFPAkFYJkDrQmUCbI7Z2MkcGVO5vXfDzE7jnG9WUnQR0JxmB8j6+rI
/HhVNjmvhlKWLMeu02FkRwj8s0zMW8QGgmvyDTjZAoIBAH9nL9WRnXCAesh1r0zT
B6v3djGQsltvNb4BhF20+g/gs08hXgTBvOjwnLJXtaC1E2CIScag/IQgidygDiag
vkhfUFtSaP6Qn2RF6fwPhVrDK1ez9qD59ltmba4mLiLGFLAQ/+v+YOAzlvtAf7Gz
p64hUxttdK0grCNelx0n0DEb8p0s/BQ2XW4aELLDdkAifcTJ1H/DEc5ZEwGz0tit
FURCiltJMIpDSRgt0f4wSqjJ+u6Pw+QKbo+I42ktYvI9b4v570oqOWnkGhYDt9s+
OG/tTh4YE6ZcRf8tdTeJIab1x7Fc6Dvh21zF0q5WIDS19vAQCSWTczHZ9tmb77B+
IQECggEBALwKAurIOP5VTvqWYwPs4KI8Nt05pFG9EO3Gi5pFxfyUfdCUAkb93/L7
mWZk1KHX3lx104c5KNWBHb9l1WraWb4dTNrpJfkPGao4rkJMAGy8GnYRB0ILYl4n
EFU5qwRYc7VjezCgRtN4HotOI7IZMU9A1NH46ueO0xij9zGJB2W2hbtzhOlkgtHr
Mpj54Jc4mftLup9oWw1pwm74rvu9LOLWNQNcfSRGnlypMIKQNl1PyPJ8kqTyFHtO
h9JmUedeCLx3NfUwmv43t/zxPqUvR9/jTFO7CqnbirnAKdwP5T1VzS7qRdXeoCAc
d4+15XFG9j1pbtpoJBt5+Z+au42FdDw=
-----END PRIVATE KEY-----
17 changes: 17 additions & 0 deletions roles/bigbluebutton/handlers/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,3 +7,20 @@
service:
name: nginx
state: reloaded

- name: restart freeswitch
service:
name: freeswitch
state: restarted

- name: restart kurento
systemd:
name: kurento-media-server
state: restarted
daemon_reload: yes

- name: restart redis
systemd:
name: redis-server
state: restarted
daemon_reload: yes
95 changes: 95 additions & 0 deletions roles/bigbluebutton/tasks/logging.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,95 @@
---

- name: turn off nginx access logs
replace:
path: /etc/nginx/sites-available/bigbluebutton
regexp: 'access_log.*;'
replace: access_log off;
notify: reload nginx

- name: bigbluebutton core log level
replace:
path: /usr/share/bbb-web/WEB-INF/classes/logback.xml
regexp: 'level="{{ item.from }}"'
replace: 'level="{{ item.to }}"'
loop:
- from: DEBUG
to: ERROR
- from: INFO
to: ERROR
notify: restart bbb

- name: set log level to error
lineinfile:
path: /usr/share/bbb-web/WEB-INF/classes/bigbluebutton.properties
regexp: '^appLogLevel='
line: appLogLevel=Error
notify: restart bbb

- name: set nginx log level
lineinfile:
dest: /etc/nginx/nginx.conf
regexp: '{{ item.from }}'
line: '{{ item.to }}'
state: present
loop:
- from: error_log
to: error_log /var/log/nginx/bigbluebutton.error.log;
- from: access_log
to: access_log off;
notify: reload nginx

- name: set freeswitch log level
lineinfile:
dest: '/etc/bbb-fsesl-akka/application.conf'
regexp: ^ loglevel
line: loglevel = "WARNING"
state: present
notify: restart freeswitch

- name: set freewswitch logback log level
replace:
path: /etc/bbb-fsesl-akka/logback.xml
regexp: '{{ item.from }}'
replace: '{{ item.to }}'
loop:
- from: DEBUG
to: WARN
- from: INFO
to: WARN
notify: restart freeswitch

- name: set red5 logback log level
replace:
path: /etc/red5/logback.xml
regexp: '{{ item.from }}'
replace: '{{ item.to }}'
loop:
- from: debug
to: warn
- from: info
to: warn
notify: restart bbb

- name: set kurento log level
lineinfile:
dest: /etc/default/kurento-media-server
regexp: ^export GST_DEBUG=
line: 'export GST_DEBUG="1,Kurento*:1,kms*:1,sdp*:1,webrtc*:1,*rtpendpoint:1,rtp*handler:1,rtpsynchronizer:1,agnosticbin:1"'
state: present
notify: restart kurento

- name: avoid kurento changing log level back
lineinfile:
dest: /usr/lib/systemd/system/kurento-media-server.service
regexp: 'ExecStart=/usr/bin/kurento-media-server '
line: 'ExecStart=/usr/bin/kurento-media-server --gst-debug-level=1 --gst-debug="1,Kurento*:1,kms*:1,KurentoWebSocketTransport:1"'
state: present
notify: restart kurento

- name: configure bbb-webrtc-sfu log level
replace:
path: /usr/local/bigbluebutton/bbb-webrtc-sfu/config/default.yml
regexp: 'level: .*'
replace: 'level: error'
notify: restart bbb
Loading