diff --git a/.env b/.env
new file mode 120000
index 00000000..0ec1a3a4
--- /dev/null
+++ b/.env
@@ -0,0 +1 @@
+src/.env
\ No newline at end of file
diff --git a/bin/quickstart.sh b/bin/quickstart.sh
index 3a8e9117..8d074826 100755
--- a/bin/quickstart.sh
+++ b/bin/quickstart.sh
@@ -1,83 +1,83 @@
 #!/bin/bash set -e function die() { echo "$1" exit 1 } rpm -qv composer >/dev/null 2>&1 || \ test ! -z "$(which composer 2>/dev/null)" || \ die "Is composer installed?" rpm -qv docker-compose >/dev/null 2>&1 || \ test ! -z "$(which docker-compose 2>/dev/null)" || \ die "Is docker-compose installed?" rpm -qv npm >/dev/null 2>&1 || \ test ! -z "$(which npm 2>/dev/null)" || \ die "Is npm installed?" rpm -qv php >/dev/null 2>&1 || \ test ! -z "$(which php 2>/dev/null)" || \ die "Is php installed?" rpm -qv php-ldap >/dev/null 2>&1 || \ test ! -z "$(php --ini | grep ldap)" || \ die "Is php-ldap installed?" rpm -qv php-mysqlnd >/dev/null 2>&1 || \ test ! -z "$(php --ini | grep mysql)" || \ die "Is php-mysqlnd installed?" base_dir=$(dirname $(dirname $0)) bin/regen-certs
-docker pull kolab/centos7:latest
+docker pull docker.io/kolab/centos7:latest
 docker-compose down docker-compose build docker-compose up -d kolab mariadb redis pushd ${base_dir}/src/ cp .env.example .env if [ -f ".env.local" ]; then # Ensure there's a line ending echo "" >> .env cat .env.local >> .env fi rm -rf vendor/ composer.lock composer install npm install find bootstrap/cache/ -type f ! -name ".gitignore" -delete ./artisan key:generate ./artisan jwt:secret -f ./artisan clear-compiled ./artisan cache:clear if [ ! -z "$(rpm -qv chromium 2>/dev/null)" ]; then chver=$(rpmquery --queryformat="%{VERSION}" chromium | awk -F'.' '{print $1}') ./artisan dusk:chrome-driver ${chver} fi if [ ! -f 'resources/countries.php' ]; then ./artisan data:countries fi npm run dev popd
-docker-compose up -d worker openvidu kurento
+docker-compose up -d worker coturn openvidu kurento
 pushd ${base_dir}/src/ rm -rf database/database.sqlite ./artisan db:ping --wait php -dmemory_limit=512M ./artisan migrate:refresh --seed ./artisan serve popd
diff --git a/docker-compose.yml b/docker-compose.yml
index 50af3b08..5af829ac 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
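Review bot: In bin/quickstart.sh the new `docker pull docker.io/kolab/centos7:latest` line pins the registry but still pulls the mutable `:latest` tag, so every run can build on a different, unreviewed base image. Pinning a digest keeps the quickstart reproducible and makes base-image changes explicit: `docker pull docker.io/kolab/centos7@sha256:<digest-placeholder>`. Separately, the root `.env` symlink added in this commit points at `src/.env`, which this script only creates (`cp .env.example .env`) after the first `docker-compose down`/`build`/`up` calls, so on a fresh checkout those calls presumably see the new `${OPENVIDU_*}` variables as unset.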
@@ -1,107 +1,143 @@
 version: '3' services:
+ coturn:
+ build:
+ context: ./docker/coturn/
+ container_name: kolab-coturn
+ environment:
+ - DB_NAME=${OPENVIDU_COTURN_REDIS_DB}
+ - REDIS_IP=${OPENVIDU_COTURN_REDIS_IP}
+ - TURN_PUBLIC_IP=${OPENVIDU_PUBLIC_IP}
+ - TURN_PUBLIC_POST=${OPENVIDU_PUBLIC_PORT}
+ hostname: sturn.mgmt.com
+ image: kolab-coturn
+ network_mode: host
+ restart: on-failure
+ tmpfs:
+ - /run
+ - /tmp
+ - /var/run
+ - /var/tmp
+ tty: true
+ volumes:
+ - /sys/fs/cgroup:/sys/fs/cgroup:ro
 kolab: build: context: ./docker/kolab/ container_name: kolab depends_on: - mariadb extra_hosts: - "kolab.mgmt.com:127.0.0.1" healthcheck: interval: 10s test: test -f /tmp/kolab-init.done timeout: 5s retries: 30 hostname: kolab.mgmt.com image: kolab network_mode: host tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: - ./docker/certs/ca.cert:/etc/pki/tls/certs/ca.cert:ro - ./docker/certs/ca.cert:/etc/pki/ca-trust/source/anchors/ca.cert:ro - ./docker/certs/kolab.hosted.com.cert:/etc/pki/tls/certs/kolab.hosted.com.cert - ./docker/certs/kolab.hosted.com.key:/etc/pki/tls/certs/kolab.hosted.com.key - ./docker/certs/kolab.mgmt.com.cert:/etc/pki/tls/certs/kolab.mgmt.com.cert - ./docker/certs/kolab.mgmt.com.key:/etc/pki/tls/certs/kolab.mgmt.com.key - ./docker/kolab/utils:/root/utils:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro kurento: build: context: ./docker/kurento-media-server/ container_name: kolab-kurento
+ environment:
+ - KMS_STUN_IP=${OPENVIDU_PUBLIC_IP}
+ - KMS_STUN_PORT=${OPENVIDU_PUBLIC_PORT}
+ - KMS_TURN_URL="${OPENVIDU_PUBLIC_IP}:${OPENVIDU_PUBLIC_PORT}?transport=udp"
 hostname: kurento.meet.hosted.com image: kolab-kurento network_mode: host tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: - /sys/fs/cgroup:/sys/fs/cgroup:ro mariadb: container_name: kolab-mariadb environment: MYSQL_ROOT_PASSWORD: Welcome2KolabSystems healthcheck: interval: 10s test: test -e /var/run/mysqld/mysqld.sock timeout: 5s retries: 30 image: mariadb network_mode: host
openvidu: build: context: ./docker/openvidu/ container_name: kolab-openvidu depends_on: - kurento
+ environment:
+ #- SERVER_SSL_ENABLED=false
+ #- SERVER_PORT=5080
+ - DOTENV_PATH
+ - COTURN_IP=${OPENVIDU_PUBLIC_IP}
+ - COTURN_REDIS_CONNECT_TIMEOUT=
+ - COTURN_REDIS_DBNAME=1
+ - COTURN_REDIS_IP=127.0.0.1
+ - COTURN_REDIS_PASSWORD=
+ - JAVA_OPTIONS=${OPENVIDU_JAVA_OPTIONS}
+ - KMS_URIS=[]
 hostname: meet.hosted.com image: kolab-openvidu network_mode: host tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: #- ./docker/certs/ca.cert:etc/pki/tls/certs/ca.cert:ro #- ./docker/certs/ca.cert:/etc/pki/ca-trust/source/anchors/ca.cert:ro #- ./docker/certs/meet.hosted.com.cert:/etc/pki/tls/certs/meet.hosted.com.cert #- ./docker/certs/meet.hosted.com.key:/etc/pki/tls/certs/meet.hosted.com.key - /sys/fs/cgroup:/sys/fs/cgroup:ro redis: build: context: ./docker/redis/ container_name: kolab-redis hostname: redis image: redis network_mode: host volumes: - ./docker/redis/redis.conf:/usr/local/etc/redis/redis.conf:ro worker: build: context: ./docker/worker/ container_name: kolab-worker depends_on: - kolab hostname: worker image: kolab-worker network_mode: host tmpfs: - /run - /tmp - /var/run - /var/tmp tty: true volumes: - ./src:/home/worker/src.orig:ro - /sys/fs/cgroup:/sys/fs/cgroup:ro
diff --git a/docker/coturn/Dockerfile b/docker/coturn/Dockerfile
new file mode 100644
index 00000000..1657606d
--- /dev/null
+++ b/docker/coturn/Dockerfile
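Review bot: The coturn and openvidu services in docker-compose.yml are not pointed at the same Redis database: coturn receives `DB_NAME=${OPENVIDU_COTURN_REDIS_DB}` (set to 2 in the src/.env.example hunk of this commit) while openvidu hard-codes `COTURN_REDIS_DBNAME=1`, so if both values take effect the long-term TURN credentials written by one side would not be found by the other. I would derive both from the same variables, `- COTURN_REDIS_DBNAME=${OPENVIDU_COTURN_REDIS_DB}` and `- COTURN_REDIS_IP=${OPENVIDU_COTURN_REDIS_IP}`. In the coturn block `TURN_PUBLIC_POST` looks like a typo, and coturn.sh only reads `TURN_LISTEN_PORT`, so the port is never consumed; `- TURN_LISTEN_PORT=${OPENVIDU_PUBLIC_PORT}` would match the script. In list-form `environment` entries the double quotes around the `KMS_TURN_URL` value are passed through literally, so they should probably be dropped.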
@@ -0,0 +1,45 @@
+FROM fedora:31
+
+MAINTAINER Jeroen van Meeuwen
+
+ENV container docker
+ENV SYSTEMD_PAGER=''
+
+RUN dnf -y install \
+ --setopt 'tsflags=nodocs' \
+ bash-completion \
+ bind-utils \
+ coturn \
+ curl \
+ dhcp-client \
+ iproute \
+ iptraf-ng \
+ iputils \
+ less \
+ lsof \
+ mtr \
+ net-tools \
+ NetworkManager \
+ NetworkManager-tui \
+ network-scripts \
+ nmap-ncat \
+ openssh-clients \
+ openssh-server \
+ procps-ng \
+ strace \
+ systemd-udev \
+ tcpdump \
+ telnet \
+ traceroute \
+ vim-enhanced \
+ wget && \
+ dnf clean all
+
+COPY rootfs/ /
+
+RUN chmod 770 /etc/coturn/ && chmod 660 /etc/coturn/turnserver.conf
+
+RUN systemctl enable coturn
+
+CMD ["/lib/systemd/systemd", "--system"]
+ENTRYPOINT "/lib/systemd/systemd"
diff --git a/docker/coturn/rootfs/etc/systemd/system/coturn.service.d/10_service_execstartpre.conf b/docker/coturn/rootfs/etc/systemd/system/coturn.service.d/10_service_execstartpre.conf
new file mode 100644
index 00000000..dab6870b
--- /dev/null
+++ b/docker/coturn/rootfs/etc/systemd/system/coturn.service.d/10_service_execstartpre.conf
@@ -0,0 +1,2 @@
+[Service]
+ExecStartPre=/usr/local/sbin/coturn.sh
diff --git a/docker/coturn/rootfs/usr/local/sbin/coturn.sh b/docker/coturn/rootfs/usr/local/sbin/coturn.sh
new file mode 100755
index 00000000..0f0d6d07
--- /dev/null
+++ b/docker/coturn/rootfs/usr/local/sbin/coturn.sh
@@ -0,0 +1,15 @@
+#!/bin/bash
+
+cat > /etc/coturn/turnserver.conf << EOF
+external-ip=${TURN_PUBLIC_IP:-127.0.0.1}
+listening-port=${TURN_LISTEN_PORT:-3478}
+fingerprint
+lt-cred-mech
+max-port=${MAX_PORT:-65535}
+min-port=${MIN_PORT:-40000}
+pidfile="/run/coturn/turnserver.pid"
+realm=openvidu
+simple-log
+redis-userdb="ip=${REDIS_IP:-127.0.0.1} dbname=${DB_NAME:-1} connect_timeout=30"
+verbose
+EOF
diff --git a/docker/kurento-media-server/Dockerfile b/docker/kurento-media-server/Dockerfile
index 0d78195d..260208f3 100644
--- a/docker/kurento-media-server/Dockerfile
+++ b/docker/kurento-media-server/Dockerfile
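Review bot: The `dnf install` list in docker/coturn/Dockerfile puts `openssh-server`, `telnet`, `tcpdump`, `nmap-ncat`, `strace` and an editor into an image that docker-compose.yml runs with `network_mode: host` as a TURN relay, which is far more than coturn needs at runtime. Because systemd is the container's init, any unit enabled by package presets would start next to coturn, so it is worth confirming that sshd does not end up listening on the host's interfaces, or dropping the package; I would reduce the list to `coturn` plus what its unit requires and keep the diagnostic tools in a separate debug image. `ENTRYPOINT "/lib/systemd/systemd"` is shell form, so the `CMD` above it is ignored and systemd is launched through `/bin/sh -c`; `ENTRYPOINT ["/lib/systemd/systemd"]` with `CMD ["--system"]` expresses the intent. `MAINTAINER` is deprecated in favour of a `LABEL`.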
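Review bot: The turnserver.conf written by docker/coturn/rootfs/usr/local/sbin/coturn.sh places no limit on which peers the relay may reach, while docker-compose.yml runs this container on the host network next to a Redis that openvidu addresses at 127.0.0.1 with an empty `COTURN_REDIS_PASSWORD`. I would add `no-multicast-peers` and `denied-peer-ip=` ranges for loopback and private networks to the heredoc (for example `denied-peer-ip=127.0.0.0-127.255.255.255`), so that relayed traffic cannot be directed at services on the host or the internal network. Also worth checking: the script runs from `ExecStartPre`, and as far as I know systemd does not hand the container's environment to service units, so the `${VAR:-default}` fallbacks may be what actually ends up in the file. `verbose` is reasonable for a quickstart but should not carry over to other deployments.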
@@ -1,5 +1,4 @@
 FROM kurento/kurento-media-server MAINTAINER Jeroen van Meeuwen
-COPY rootfs/ /
diff --git a/src/.env.example b/src/.env.example
index 35349161..5dc44b31 100644
--- a/src/.env.example
+++ b/src/.env.example
@@ -1,134 +1,130 @@
 APP_NAME=Kolab APP_ENV=local APP_KEY= APP_DEBUG=true APP_URL=http://127.0.0.1:8000 APP_PUBLIC_URL= APP_DOMAIN=kolabnow.com SUPPORT_URL= LOG_CHANNEL=stack DB_CONNECTION=mysql DB_DATABASE=kolabdev DB_HOST=127.0.0.1 DB_PASSWORD=kolab DB_PORT=3306 DB_USERNAME=kolabdev BROADCAST_DRIVER=log CACHE_DRIVER=redis QUEUE_CONNECTION=redis SESSION_DRIVER=file SESSION_LIFETIME=120 2FA_DSN=mysql://roundcube:Welcome2KolabSystems@127.0.0.1/roundcube 2FA_TOTP_DIGITS=6 2FA_TOTP_INTERVAL=30 2FA_TOTP_DIGEST=sha1 IMAP_URI=ssl://127.0.0.1:993 IMAP_ADMIN_LOGIN=cyrus-admin IMAP_ADMIN_PASSWORD=Welcome2KolabSystems IMAP_VERIFY_HOST=false IMAP_VERIFY_PEER=false LDAP_BASE_DN="dc=mgmt,dc=com" LDAP_DOMAIN_BASE_DN="ou=Domains,dc=mgmt,dc=com" LDAP_HOSTS=127.0.0.1 LDAP_PORT=389 LDAP_SERVICE_BIND_DN="uid=kolab-service,ou=Special Users,dc=mgmt,dc=com" LDAP_SERVICE_BIND_PW="Welcome2KolabSystems" LDAP_USE_SSL=false LDAP_USE_TLS=false # Administrative LDAP_ADMIN_BIND_DN="cn=Directory Manager" LDAP_ADMIN_BIND_PW="Welcome2KolabSystems" LDAP_ADMIN_ROOT_DN="dc=mgmt,dc=com" # Hosted (public registration) LDAP_HOSTED_BIND_DN="uid=hosted-kolab-service,ou=Special Users,dc=mgmt,dc=com" LDAP_HOSTED_BIND_PW="Welcome2KolabSystems" LDAP_HOSTED_ROOT_DN="dc=hosted,dc=com" OPENVIDU_API_PASSWORD=MY_SECRET OPENVIDU_API_URL=https://localhost:4443/api/ OPENVIDU_API_USERNAME=OPENVIDUAPP OPENVIDU_API_VERIFY_TLS=true
+OPENVIDU_COTURN_REDIS_DB=2
+OPENVIDU_COTURN_REDIS_IP=127.0.0.1
+OPENVIDU_JAVA_OPTIONS="-Xms2048m -Xmx4096m -Duser.timezone=UTC"
+# Used as COTURN_IP, TURN_PUBLIC_IP, for KMS_TURN_URL
+OPENVIDU_PUBLIC_IP=127.0.0.1
+OPENVIDU_PUBLIC_PORT=3478
 OPENVIDU_WEBHOOK=true
-OPENVIDU_WEBHOOK_ENDPOINT=http://127.0.0.1:8000/api/webhooks/meet/openvidu
+OPENVIDU_WEBHOOK_ENDPOINT=http://127.0.0.1:8000/webhooks/meet/openvidu
 # "CDR" events, see https://docs.openvidu.io/en/2.13.0/reference-docs/openvidu-server-cdr/
-OPENVIDU_WEBHOOK_EVENTS=[
- "sessionCreated",
- "sessionDestroyed",
- "participantJoined",
- "participantLeft",
- "webrtcConnectionCreated",
- "webrtcConnectionDestroyed",
- "recordingStatusChanged",
- "filterEventDispatched"
- ]
-
-OPENVIDU_WEBHOOK_HEADERS=[\"Authorization:\ Basic\ SOMETHING\"]
+#OPENVIDU_WEBHOOK_EVENTS=[sessionCreated,sessionDestroyed,participantJoined,participantLeft,webrtcConnectionCreated,webrtcConnectionDestroyed,recordingStatusChanged,filterEventDispatched,mediaNodeStatusChanged]
+#OPENVIDU_WEBHOOK_HEADERS=[\"Authorization:\ Basic\ SOMETHING\"]
 REDIS_HOST=127.0.0.1 REDIS_PASSWORD=null REDIS_PORT=6379 SWOOLE_HTTP_HOST=127.0.0.1 SWOOLE_HTTP_PORT=8000 PAYMENT_PROVIDER= MOLLIE_KEY= STRIPE_KEY= STRIPE_PUBLIC_KEY= STRIPE_WEBHOOK_SECRET= MAIL_DRIVER=smtp MAIL_HOST=smtp.mailtrap.io MAIL_PORT=2525 MAIL_USERNAME=null MAIL_PASSWORD=null MAIL_ENCRYPTION=null MAIL_FROM_ADDRESS="noreply@example.com" MAIL_FROM_NAME="Example.com" MAIL_REPLYTO_ADDRESS=null MAIL_REPLYTO_NAME=null DNS_TTL=3600 DNS_SPF="v=spf1 mx -all" DNS_STATIC="%s. MX 10 ext-mx01.mykolab.com." DNS_COPY_FROM=null AWS_ACCESS_KEY_ID= AWS_SECRET_ACCESS_KEY= AWS_DEFAULT_REGION=us-east-1 AWS_BUCKET= PUSHER_APP_ID= PUSHER_APP_KEY= PUSHER_APP_SECRET= PUSHER_APP_CLUSTER=mt1 MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}" MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}" JWT_SECRET= COMPANY_NAME= COMPANY_ADDRESS= COMPANY_DETAILS= COMPANY_EMAIL= COMPANY_LOGO= COMPANY_FOOTER= VAT_COUNTRIES=CH,LI VAT_RATE=7.7 KB_ACCOUNT_DELETE= KB_ACCOUNT_SUSPENDED=
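Review bot: With `OPENVIDU_WEBHOOK_HEADERS` now commented out in src/.env.example, the example configuration sends webhook calls to `/webhooks/meet/openvidu` without any `Authorization` header, and the handler for that route is not part of this diff, so it is unclear what the receiver checks before acting on an event such as `sessionDestroyed` or `participantJoined`. If the route relies on the header, keep the variable active with a placeholder value and explain it in a comment, e.g. `# Shared secret OpenVidu sends with each webhook call; the receiver must verify it`. If the route authenticates callers some other way, a one-line comment naming that mechanism next to `OPENVIDU_WEBHOOK_ENDPOINT` would save the next reader the search.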