diff --git a/playbook.yml b/playbook.yml
index 540a6f99..144adcbe 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -143,7 +143,8 @@
- role: docker-bigbluebutton
vars:
domain: bbb.{{top_domain}}
- http_port: 8012
+ http_port_I: 8012
+ http_port_II: 8013
- name: setup akaunting hosts
hosts: akaunting_hosts
become: true
diff --git a/roles/docker-bigbluebutton/readme.md b/roles/docker-bigbluebutton/readme.md
index c32e5a7f..52d5af9d 100644
--- a/roles/docker-bigbluebutton/readme.md
+++ b/roles/docker-bigbluebutton/readme.md
@@ -1,5 +1,12 @@
# docker bigbluebutton
+## cleanup
+```bash
+ docker-compose down;
+ docker volume rm bigbluebutton_bigbluebutton bigbluebutton_html5-static bigbluebutton_vol-freeswitch bigbluebutton_vol-kurento bigbluebutton_vol-mediasoup
+```
+
## Further information
- https://github.com/bigbluebutton/docker
+- https://docs.bigbluebutton.org/greenlight/gl-install.html#setting-bigbluebutton-credentials
- https://goneuland.de/big-blue-button-mit-docker-und-traefik-installieren/
\ No newline at end of file
diff --git a/roles/docker-bigbluebutton/tasks/main.yml b/roles/docker-bigbluebutton/tasks/main.yml
index 1d22530e..19c0a809 100644
--- a/roles/docker-bigbluebutton/tasks/main.yml
+++ b/roles/docker-bigbluebutton/tasks/main.yml
@@ -2,8 +2,12 @@
- name: recieve {{domain}} certificate
command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}}
+#- name: configure {{domain}}.conf
+# template: src=roles/native-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
+# notify: restart nginx
+
- name: configure {{domain}}.conf
- template: src=roles/native-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
+ template: src=templates/nginx-proxy.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf
notify: restart nginx
- name: register directory
@@ -25,19 +29,14 @@
update: yes
recursive: yes
version: main
-# notify: setup bigbluebutton
+ notify: setup bigbluebutton
become: true
-#
-#- name: set bigbluebutton version
-# ansible.builtin.shell: find . -type f -exec sed -i 's/bigbluebutton:latest/bigbluebutton:{{bigbluebutton_version}}/' {} + && find . -type f -exec sed -i 's/version=latest/version={{bigbluebutton_version}}/' {} +
-# become: true
-# args:
-# chdir: "{{docker_compose_bigbluebutton_path}}"
-#
-#- name: configure db.env
-# template: src=db.env.j2 dest={{docker_compose_bigbluebutton_path}}/env/db.env
-# notify: setup bigbluebutton
-#
-#- name: configure run.env
-# template: src=run.env.j2 dest={{docker_compose_bigbluebutton_path}}/env/run.env
-# notify: setup bigbluebutton
+
+
+- name: configure .env
+ template: src=env.j2 dest={{docker_compose_bigbluebutton_path}}/.env
+ notify: setup bigbluebutton
+
+- name: configure docker-compose.yml
+ template: src=docker-compose.yml.j2 dest={{docker_compose_bigbluebutton_path}}/docker-compose.yml
+ notify: setup bigbluebutton
diff --git a/roles/docker-bigbluebutton/templates/docker-compose.yml.j2 b/roles/docker-bigbluebutton/templates/docker-compose.yml.j2
new file mode 100644
index 00000000..6a4b2862
--- /dev/null
+++ b/roles/docker-bigbluebutton/templates/docker-compose.yml.j2
@@ -0,0 +1,469 @@
+version: '3.6'
+
+# html5 templates
+x-html5-backend: &html5backend
+ build:
+ context: mod/html5
+ args:
+ BBB_BUILD_TAG: v2022-03-30
+ TAG_HTML5: v2.5.7
+ image: alangecker/bbb-docker-html5:v2.5.7
+ restart: unless-stopped
+ depends_on:
+ - redis
+ - mongodb
+ - etherpad
+ environment: &html5backend-env
+ DOMAIN: ${DOMAIN}
+ CLIENT_TITLE: ${CLIENT_TITLE}
+ LISTEN_ONLY_MODE: ${LISTEN_ONLY_MODE:-true}
+ DISABLE_ECHO_TEST: ${DISABLE_ECHO_TEST:-false}
+ AUTO_SHARE_WEBCAM: ${AUTO_SHARE_WEBCAM:-false}
+ DISABLE_VIDEO_PREVIEW: ${DISABLE_VIDEO_PREVIEW:-false}
+ CHAT_ENABLED: ${CHAT_ENABLED:-true}
+ CHAT_START_CLOSED: ${CHAT_START_CLOSED:-false}
+ BREAKOUTROOM_LIMIT: ${BREAKOUTROOM_LIMIT:-8}
+ DEV_MODE: ${DEV_MODE:-}
+ BBB_HTML5_ROLE: backend
+
+x-html5-frontend: &html5frontend
+ <<: *html5backend
+ volumes:
+ - html5-static:/html5-static:rw
+ environment: &html5frontend-env
+ <<: *html5backend-env
+ BBB_HTML5_ROLE: frontend
+
+services:
+ bbb-web:
+ build:
+ context: mod/bbb-web
+ args:
+ BBB_BUILD_TAG: v2022-03-30
+ TAG_COMMON_MESSAGE: v2.5.7
+ TAG_BBB_WEB: v2.5.8
+ image: alangecker/bbb-docker-web:v2.5.8
+ restart: unless-stopped
+ depends_on:
+ - redis
+ - etherpad
+ healthcheck:
+ test: wget --no-proxy --no-verbose --tries=1 --spider http://10.7.7.2:8090/bigbluebutton/api || exit 1
+ start_period: 2m
+ environment:
+ DEV_MODE: ${DEV_MODE:-}
+ DOMAIN: ${DOMAIN}
+ ENABLE_RECORDING: ${ENABLE_RECORDING:-false}
+ SHARED_SECRET: ${SHARED_SECRET}
+ WELCOME_MESSAGE: ${WELCOME_MESSAGE:-}
+ WELCOME_FOOTER: ${WELCOME_FOOTER}
+ STUN_SERVER: stun:${STUN_IP}:${STUN_PORT}
+ TURN_SERVER: ${TURN_SERVER:-}
+ TURN_SECRET: ${TURN_SECRET:-}
+ ENABLE_LEARNING_DASHBOARD: ${ENABLE_LEARNING_DASHBOARD:-true}
+ NUMBER_OF_BACKEND_NODEJS_PROCESSES: 2
+ volumes:
+ - bigbluebutton:/var/bigbluebutton
+ - vol-freeswitch:/var/freeswitch/meetings
+ ports:
+ - 127.0.0.1:{{http_port_II}}:8090
+ networks:
+ bbb-net:
+ ipv4_address: 10.7.7.2
+ logging:
+ driver: journald
+
+
+ html5-backend-1:
+ <<: *html5backend
+ environment:
+ <<: *html5backend-env
+ INSTANCE_ID: 1
+ PORT: 4000
+ networks:
+ bbb-net:
+ ipv4_address: 10.7.7.100
+ logging:
+ driver: journald
+
+ html5-backend-2:
+ <<: *html5backend
+ environment:
+ <<: *html5backend-env
+ INSTANCE_ID: 2
+ PORT: 4001
+ logging:
+ driver: journald
+ networks:
+ bbb-net:
+ ipv4_address: 10.7.7.101
+
+
+
+ html5-frontend-1:
+ <<: *html5frontend
+ environment:
+ <<: *html5frontend-env
+ INSTANCE_ID: 1
+ PORT: 4100
+ logging:
+ driver: journald
+ networks:
+ bbb-net:
+ ipv4_address: 10.7.7.200
+
+ html5-frontend-2:
+ <<: *html5frontend
+ environment:
+ <<: *html5frontend-env
+ INSTANCE_ID: 2
+ PORT: 4101
+ networks:
+ bbb-net:
+ ipv4_address: 10.7.7.201
+ logging:
+ driver: journald
+
+ freeswitch:
+ container_name: bbb-freeswitch
+ build:
+ context: mod/freeswitch
+ args:
+ TAG_FS_CONFIG: v2.5.7
+ image: alangecker/bbb-docker-freeswitch:v2.5.7
+ restart: unless-stopped
+ cap_add:
+ - IPC_LOCK
+ - NET_ADMIN
+ - NET_RAW
+ - NET_BROADCAST
+ - SYS_NICE
+ - SYS_RESOURCE
+ environment:
+ DOMAIN: ${DOMAIN}
+ EXTERNAL_IPv4: ${EXTERNAL_IPv4}
+ EXTERNAL_IPv6: ${EXTERNAL_IPv6:-::1}
+ SIP_IP_ALLOWLIST: ${SIP_IP_ALLOWLIST:-}
+ DISABLE_SOUND_MUTED: ${DISABLE_SOUND_MUTED:-false}
+ DISABLE_SOUND_ALONE: ${DISABLE_SOUND_ALONE:-false}
+ SOUNDS_LANGUAGE: ${SOUNDS_LANGUAGE:-en-us-callie}
+ ESL_PASSWORD: ${FSESL_PASSWORD:-ClueCon}
+ volumes:
+ - ./conf/sip_profiles:/etc/freeswitch/sip_profiles/external
+ - ./conf/dialplan_public:/etc/freeswitch/dialplan/public_docker
+ - vol-freeswitch:/var/freeswitch/meetings
+ network_mode: host
+ logging:
+ driver: journald
+
+ nginx:
+ build:
+ context: mod/nginx
+ args:
+ TAG_LEARNING_DASHBOARD: v2.5.5
+ image: alangecker/bbb-docker-nginx:1.21-v4.0.0-v2.5.5
+ restart: unless-stopped
+ depends_on:
+ - etherpad
+ - webrtc-sfu
+ - html5-backend-1
+ volumes:
+ - bigbluebutton:/var/bigbluebutton
+ - html5-static:/html5-static:ro
+ - ${DEFAULT_PRESENTATION:-/dev/null}:/www/default.pdf
+ network_mode: host
+ extra_hosts:
+ - "host.docker.internal:10.7.7.1"
+ - "bbb-web:10.7.7.2"
+ - "etherpad:10.7.7.4"
+ - "webrtc-sfu:10.7.7.1"
+ - "html5:10.7.7.11"
+ logging:
+ driver: journald
+
+ etherpad:
+ build: mod/etherpad
+ image: alangecker/bbb-docker-etherpad:1.8.18-3
+ restart: unless-stopped
+ logging:
+ driver: journald
+ depends_on:
+ - redis
+ environment:
+ ETHERPAD_API_KEY: ${ETHERPAD_API_KEY}
+ networks:
+ bbb-net:
+ ipv4_address: 10.7.7.4
+
+ bbb-pads:
+ build: mod/bbb-pads
+ image: alangecker/bbb-docker-pads:v1.2.2
+ restart: unless-stopped
+ logging:
+ driver: journald
+ depends_on:
+ - redis
+ - etherpad
+ environment:
+ ETHERPAD_API_KEY: ${ETHERPAD_API_KEY}
+ networks:
+ bbb-net:
+ ipv4_address: 10.7.7.18
+
+ redis:
+ image: redis:7.0-alpine
+ restart: unless-stopped
+ logging:
+ driver: journald
+ healthcheck:
+ test: ["CMD", "redis-cli", "ping"]
+ interval: 1s
+ timeout: 3s
+ retries: 30
+ networks:
+ bbb-net:
+ ipv4_address: 10.7.7.5
+
+ mongodb:
+ container_name: bbb-mongodb
+ image: mongo:4.4
+ restart: unless-stopped
+ logging:
+ driver: journald
+ volumes:
+ - ./mod/mongo/mongod.conf:/etc/mongod.conf
+ - ./mod/mongo/init-replica.sh:/docker-entrypoint-initdb.d/init-replica.sh
+ tmpfs:
+ - /data/configdb
+ - /data/db
+ command: mongod --config /etc/mongod.conf --oplogSize 8 --replSet rs0 --noauth
+ healthcheck:
+ test: bash -c "if mongo --eval 'quit(db.runCommand({ ping':' 1 }).ok ? 0 ':' 2)'; then exit 0; fi; exit 1;"
+ networks:
+ bbb-net:
+ ipv4_address: 10.7.7.6
+
+ # TODO: remove as soon as not required anymore by webrtc-sfu
+ kurento:
+ image: kurento/kurento-media-server:6.18
+ restart: unless-stopped
+ logging:
+ driver: journald
+ network_mode: host
+ volumes:
+ - vol-kurento:/var/kurento
+
+ webrtc-sfu:
+ build:
+ context: mod/webrtc-sfu
+ args:
+ BBB_BUILD_TAG: v2022-03-30
+ image: alangecker/bbb-docker-webrtc-sfu:v2.8.6
+ restart: unless-stopped
+ logging:
+ driver: journald
+ depends_on:
+ - redis
+ - freeswitch
+ environment:
+ CLIENT_HOST: 10.7.7.1
+ REDIS_HOST: 10.7.7.5
+ FREESWITCH_IP: 10.7.7.1
+ FREESWITCH_SIP_IP: ${EXTERNAL_IPv4}
+ ESL_IP: 10.7.7.1
+ ESL_PASSWORD: ${FSESL_PASSWORD:-ClueCon}
+ # TODO: add mediasoup IPv6
+ # TODO: can listen to 0.0.0.0 for nat support? https://github.com/versatica/mediasoup/issues/487
+
+ MS_WEBRTC_LISTEN_IPS: '[{"ip":"${EXTERNAL_IPv4}", "announcedIp":"${EXTERNAL_IPv4}"}]'
+
+ MS_RTP_LISTEN_IP: '{"ip":"0.0.0.0", "announcedIp":"${EXTERNAL_IPv4}"}'
+ volumes:
+ - vol-mediasoup:/var/mediasoup
+ tmpfs:
+ - /var/log/bbb-webrtc-sfu
+ network_mode: host
+
+ fsesl-akka:
+ build:
+ context: mod/fsesl-akka
+ args:
+ BBB_BUILD_TAG: v2022-03-30
+ TAG_COMMON_MESSAGE: v2.5.7
+ TAG_FSESL_AKKA: v2.5.7
+ image: alangecker/bbb-docker-fsesl-akka:v2.5.7
+ restart: unless-stopped
+ depends_on:
+ - redis
+ - freeswitch
+ environment:
+ FSESL_PASSWORD: ${FSESL_PASSWORD:-ClueCon}
+ networks:
+ bbb-net:
+ ipv4_address: 10.7.7.14
+ logging:
+ driver: journald
+
+ apps-akka:
+ build:
+ context: mod/apps-akka
+ args:
+ BBB_BUILD_TAG: v2022-03-30
+ TAG_COMMON_MESSAGE: v2.5.7
+ TAG_APPS_AKKA: v2.5.7
+ image: alangecker/bbb-docker-apps-akka:v2.5.7
+ restart: unless-stopped
+ depends_on:
+ - redis
+ environment:
+ DOMAIN: ${DOMAIN}
+ SHARED_SECRET: ${SHARED_SECRET}
+ volumes:
+ - vol-freeswitch:/var/freeswitch/meetings
+ networks:
+ bbb-net:
+ ipv4_address: 10.7.7.15
+ logging:
+ driver: journald
+
+ jodconverter:
+ build: mod/jodconverter
+ image: alangecker/bbb-docker-jodconverter:latest
+ security_opt:
+ - 'no-new-privileges:true'
+ restart: unless-stopped
+ tmpfs:
+ - /tmp
+ deploy:
+ resources:
+ limits:
+ memory: 512M
+ networks:
+ bbb-net:
+ ipv4_address: 10.7.7.20
+ logging:
+ driver: journald
+
+ periodic:
+ build: mod/periodic
+ image: alangecker/bbb-docker-periodic:v2.5.0-rc.1
+ restart: unless-stopped
+ depends_on:
+ - mongodb
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+ - bigbluebutton:/var/bigbluebutton
+ - vol-mediasoup:/var/mediasoup
+ tmpfs:
+ - /var/log/bigbluebutton
+ environment:
+ ENABLE_RECORDING: ${ENABLE_RECORDING}
+ REMOVE_OLD_RECORDING: ${REMOVE_OLD_RECORDING}
+ RECORDING_MAX_AGE_DAYS: ${RECORDING_MAX_AGE_DAYS}
+ networks:
+ bbb-net:
+ ipv4_address: 10.7.7.12
+ logging:
+ driver: journald
+
+ # recordings
+ recordings:
+ build:
+ context: mod/recordings
+ args:
+ BBB_BUILD_TAG: v2022-03-30
+ TAG_RECORDINGS: v2.5.7
+ image: alangecker/bbb-docker-recordings:v2.5.7
+ restart: unless-stopped
+ depends_on:
+ - redis
+ - bbb-pads
+ environment:
+ DOMAIN: ${DOMAIN}
+ volumes:
+ - bigbluebutton:/var/bigbluebutton
+ - vol-freeswitch:/var/freeswitch/meetings
+ - vol-mediasoup:/var/mediasoup
+ - vol-kurento:/var/kurento
+ tmpfs:
+ - /var/log/bigbluebutton
+ - /tmp
+ networks:
+ bbb-net:
+ ipv4_address: 10.7.7.16
+ logging:
+ driver: journald
+
+ # coturn
+ coturn:
+ image: coturn/coturn:4.6-alpine
+ restart: unless-stopped
+ command:
+ - "--external-ip=${EXTERNAL_IPv4}/${EXTERNAL_IPv4}"
+ - "--external-ip=${EXTERNAL_IPv6:-::1}/${EXTERNAL_IPv6:-::1}"
+ - "--static-auth-secret=${TURN_SECRET}"
+ volumes:
+
+ - ${COTURN_TLS_CERT_PATH}:/tmp/cert.pem
+ - ${COTURN_TLS_KEY_PATH}:/tmp/key.pem
+
+ - ./mod/coturn/entrypoint.sh:/usr/local/bin/docker-entrypoint.sh
+ - ./mod/coturn/turnserver.conf:/etc/coturn/turnserver.conf
+ environment:
+ ENABLE_HTTPS_PROXY:
+ user: root
+ network_mode: host
+ logging:
+ driver: journald
+
+ # greenlight
+ greenlight:
+ logging:
+ driver: journald
+ image: bigbluebutton/greenlight:v2
+ restart: unless-stopped
+ env_file: .env
+ environment:
+ DB_ADAPTER: postgresql
+ DB_HOST: postgres
+ DB_NAME: greenlight
+ DB_USERNAME: postgres
+ DB_PASSWORD: ${POSTGRESQL_SECRET:-password}
+ SAFE_HOSTS: ${DOMAIN}
+ BIGBLUEBUTTON_ENDPOINT: https://${DOMAIN}/
+ BIGBLUEBUTTON_SECRET: ${SHARED_SECRET}
+ SECRET_KEY_BASE: ${RAILS_SECRET}
+ ports:
+ - 127.0.0.1:{{http_port_I}}:80
+ postgres:
+ image: postgres:12-alpine
+ restart: unless-stopped
+ logging:
+ driver: journald
+ environment:
+ POSTGRES_DB: greenlight
+ POSTGRES_USER: postgres
+ POSTGRES_PASSWORD: ${POSTGRESQL_SECRET:-password}
+ healthcheck:
+ test: ["CMD-SHELL", "pg_isready -U postgres"]
+ interval: 10s
+ timeout: 5s
+ retries: 5
+ volumes:
+ - database:/var/lib/postgresql/data
+
+volumes:
+ database:
+ bigbluebutton:
+ vol-freeswitch:
+ vol-kurento:
+ vol-mediasoup:
+ html5-static:
+
+
+networks:
+ bbb-net:
+ ipam:
+ driver: default
+ config:
+ - subnet: "10.7.7.0/24"
diff --git a/roles/docker-bigbluebutton/templates/env.j2 b/roles/docker-bigbluebutton/templates/env.j2
new file mode 100644
index 00000000..05ab3c7e
--- /dev/null
+++ b/roles/docker-bigbluebutton/templates/env.j2
@@ -0,0 +1,272 @@
+ENABLE_COTURN=true
+COTURN_TLS_CERT_PATH=/etc/letsencrypt/live/{{domain}}/fullchain.pem
+COTURN_TLS_KEY_PATH=/etc/letsencrypt/live/{{domain}}/privkey.pem
+ENABLE_GREENLIGHT=true
+
+# Enable Webhooks
+# used by some integrations
+#ENABLE_WEBHOOKS=true
+
+# Prometheus Exporter
+# serves the bigbluebutton-exporter under following URL:
+# https://yourdomain/bbb-exporter
+#ENABLE_PROMETHEUS_EXPORTER=true
+#ENABLE_PROMETHEUS_EXPORTER_OPTIMIZATION=true
+
+# Recording
+# IMPORTANT: this is currently a big privacy issues, because it will
+# record everything which happens in the conference, even when the button
+# suggets, that it does not.
+# https://github.com/bigbluebutton/bigbluebutton/issues/9202
+# make sure that you get peoples consent, before they join a room
+ENABLE_RECORDING=false
+REMOVE_OLD_RECORDING=true
+RECORDING_MAX_AGE_DAYS=365
+
+# ====================================
+# SECRETS
+# ====================================
+# important! change these to any random values
+SHARED_SECRET={{bigbluebutton_shared_secret}}
+ETHERPAD_API_KEY={{bigbluebutton_etherpad_api_key}}
+RAILS_SECRET={{bigbluebutton_rails_secret}}
+POSTGRESQL_SECRET={{bigbluebutton_postgresql_secret}}
+FSESL_PASSWORD={{bigbluebutton_fsesl_password}}
+
+
+
+# ====================================
+# CONNECTION
+# ====================================
+
+DOMAIN={{domain}}
+
+EXTERNAL_IPv4={{ip4_address}}
+EXTERNAL_IPv6=
+
+# STUN SERVER
+# stun.freeswitch.org
+STUN_IP={{ip4_address}}
+STUN_PORT=3478
+
+# TURN SERVER
+# uncomment and adjust following two lines to add an external TURN server
+TURN_SERVER=turns:{{domain}}:5349?transport=tcp
+TURN_SECRET={{bigbluebutton_turn_secret}}
+
+# Allowed SIP IPs
+# due to high traffic caused by bots, by default the SIP port is blocked.
+# but you can allow access by your providers IP or IP ranges (comma seperated)
+# Hint: if you want to allow requests from every IP, you can use 0.0.0.0/0
+SIP_IP_ALLOWLIST=
+
+
+# ====================================
+# CUSTOMIZATION
+# ====================================
+
+CLIENT_TITLE=BigBlueButton
+
+# use following lines to replace the default welcome message and footer
+WELCOME_MESSAGE="Welcome to %%CONFNAME%%!
For help on using BigBlueButton see these (short) tutorial videos.
To join the audio bridge click the speaker button. Use a headset to avoid causing background noise for others."
+WELCOME_FOOTER="This server is running BigBlueButton."
+
+# use following line for an additional SIP dial-in message
+#WELCOME_FOOTER="This server is running BigBlueButton.
To join this meeting by phone, dial:
INSERT_YOUR_PHONE_NUMBER_HERE
Then enter %%CONFNUM%% as the conference PIN number."
+
+# for a different default presentation, place the pdf file in ./conf/ and
+# adjust the following path
+DEFAULT_PRESENTATION=./mod/nginx/default.pdf
+
+# language of sound announcements
+# options:
+# - en-ca-june - EN Canadian June
+# - en-us-allison - US English Allison
+# - en-us-callie - US English Callie
+# - de-de-daedalus3 - German by Daedalus3 (https://github.com/Daedalus3/freeswitch-german-soundfiles)
+# - es-ar-mario - Spanish/Argentina Mario
+# - fr-ca-june - FR Canadian June
+# - pt-br-karina - Brazilian Portuguese Karina
+# - ru-RU-elena - RU Russian Elena
+# - ru-RU-kirill - RU Russian Kirill
+# - ru-RU-vika - RU Russian Viktoriya
+# - sv-se-jakob - Swedish (Sweden) Jakob
+# - zh-cn-sinmei - Chinese/China Sinmei
+# - zh-hk-sinmei - Chinese/Hong Kong Sinmei
+SOUNDS_LANGUAGE=en-us-callie
+
+# set to false to disable listenOnlyMode
+LISTEN_ONLY_MODE=true
+
+# set to true to disable echo test
+DISABLE_ECHO_TEST=false
+
+# set to true to automatically share webcam
+AUTO_SHARE_WEBCAM=false
+
+# set to true to disable video preview for webcam sharing
+DISABLE_VIDEO_PREVIEW=false
+
+# set to false to disable chat
+CHAT_ENABLED=true
+
+# set to true to start chat closed
+CHAT_START_CLOSED=false
+
+# set to true to disable announcements "You are now (un-)muted"
+DISABLE_SOUND_MUTED=false
+
+# set to true to disable announcement "You are the only person in this conference"
+DISABLE_SOUND_ALONE=false
+
+# maximum count of breakout rooms per meeting
+# Warning: increasing the limit of breakout rooms per meeting
+# can generate excessive overhead to the server. We recommend
+# this value to be kept under 12.
+BREAKOUTROOM_LIMIT=8
+
+# set to false to disable the learning dashboard
+ENABLE_LEARNING_DASHBOARD=true
+
+# ====================================
+# Tuning
+# ====================================
+# Default = 2; Min = 1; Max = 4
+# On powerful systems with high number of meetings you can set values up to 4 to accelerate handling of events
+NUMBER_OF_BACKEND_NODEJS_PROCESSES=2
+
+# Default = 2; Min = 1; Max = 8
+# Set a number between 1 and 4 times the value of NUMBER_OF_BACKEND_NODEJS_PROCESSES where higher number helps with meetings
+# stretching the recommended number of users in BigBlueButton
+NUMBER_OF_FRONTEND_NODEJS_PROCESSES=2
+
+
+# ====================================
+# GREENLIGHT CONFIGURATION
+# ====================================
+
+# Microsoft Office365 Login Provider (optional)
+#
+# For in-depth steps on setting up a Office 365 Login Provider, see:
+#
+# https://docs.bigbluebutton.org/greenlight/gl-config.html#office365-oauth2
+#
+OFFICE365_KEY=
+OFFICE365_SECRET=
+OFFICE365_HD=
+
+# OAUTH2_REDIRECT allows you to specify the redirect_url passed to oauth on sign in.
+# It is useful for cases when Greenlight is deployed behind a Network Load Balancer or proxy
+OAUTH2_REDIRECT=
+
+# LDAP Login Provider (optional)
+#
+# You can enable LDAP authentication by providing values for the variables below.
+# Configuring LDAP authentication will take precedence over all other providers.
+# For information about setting up LDAP, see:
+#
+# https://docs.bigbluebutton.org/greenlight/gl-config.html#ldap-auth
+#
+# LDAP_SERVER=ldap.example.com
+# LDAP_PORT=389
+# LDAP_METHOD=plain
+# LDAP_UID=uid
+# LDAP_BASE=dc=example,dc=com
+# LDAP_AUTH=simple
+# LDAP_BIND_DN=cn=admin,dc=example,dc=com
+# LDAP_PASSWORD=password
+# LDAP_ROLE_FIELD=ou
+# LDAP_FILTER=(&(attr1=value1)(attr2=value2))
+LDAP_SERVER=
+LDAP_PORT=
+LDAP_METHOD=
+LDAP_UID=
+LDAP_BASE=
+LDAP_BIND_DN=
+LDAP_AUTH=
+LDAP_PASSWORD=
+LDAP_ROLE_FIELD=
+LDAP_FILTER=
+
+# Set this to true if you want GreenLight to support user signup and login without
+# Omniauth. For more information, see:
+#
+# https://docs.bigbluebutton.org/greenlight/gl-overview.html#accounts-and-profile
+#
+ALLOW_GREENLIGHT_ACCOUNTS=true
+
+SMTP_SERVER={{system_email_host}}
+SMTP_DOMAIN={{domain}}
+SMTP_PORT={{system_email_port}}
+SMTP_USERNAME={{system_email_username}}
+SMTP_PASSWORD={{system_email_password}}
+SMTP_AUTH=plain
+SMTP_OPENSSL_VERIFY_MODE=none
+SMTP_STARTTLS_AUTO=true
+SMTP_SENDER={{system_email_username}}
+
+# Prefix for the applications root URL.
+# Useful for deploying the application to a subdirectory, which is highly recommended
+# if deploying on a BigBlueButton server. Keep in mind that if you change this, you'll
+# have to update your authentication callback URL's to reflect this change.
+#
+# The recommended prefix is "/b".
+#
+RELATIVE_URL_ROOT="{{relative_url_root}}"
+
+# Specify which settings you would like the users to configure on room creation
+# or edit after the room has been created
+# By default, all settings are turned OFF.
+#
+# Current settings available:
+# mute-on-join: Automatically mute users by default when they join a room
+# require-moderator-approval: Require moderators to approve new users before they can join the room
+# anyone-can-start: Allows anyone with the join url to start the room in BigBlueButton
+# all-join-moderator: All users join as moderators in BigBlueButton
+ROOM_FEATURES=mute-on-join,require-moderator-approval,anyone-can-start,all-join-moderator
+
+# Specify the maximum number of records to be sent to the BigBlueButton API in one call
+# Default is set to 25 records
+PAGINATION_NUMBER=25
+
+# Specify the maximum number of rows that should be displayed per page for a paginated table
+# Default is set to 25 rows
+NUMBER_OF_ROWS=25
+
+# Specify if you want to display the Google Calendar button
+# ENABLE_GOOGLE_CALENDAR_BUTTON=true|false
+ENABLE_GOOGLE_CALENDAR_BUTTON=
+
+# Set the application into Maintenance Mode
+#
+# Current options supported:
+# true: Renders an error page that does not allow users to access any of the features in the application
+# false: Application runs normally
+MAINTENANCE_MODE=false
+
+# Displays a flash that appears to inform the user of a scheduled maintenance window
+# This variable should contain ONLY the date and time of the scheduled maintenance
+#
+# Ex: MAINTENANCE_WINDOW=Friday August 18 6pm-10pm EST
+MAINTENANCE_WINDOW=
+
+# The link to the Report an Issue button that appears on the 500 page and in the Account Dropdown
+#
+# Defaults to the Github Issues Page for Greenlight
+# Button can be disabled by setting the value to blank
+#
+# REPORT_ISSUE_URL=https://github.com/bigbluebutton/greenlight/issues/new
+
+# The link to the Need help? button that appears on the Account Dropdown
+#
+# Defaults to the Greenlight documentation
+# Button can be disabled by setting the value to blank
+HELP_URL=https://docs.bigbluebutton.org/greenlight/gl-overview.html
+
+# Specify the default registration to be used by Greenlight until an administrator sets the
+# registration method
+# Allowed values are:
+# open - For open registration
+# invite - For invite only registration
+# approval - For approve/decline registration
+DEFAULT_REGISTRATION=invite
diff --git a/roles/docker-bigbluebutton/templates/nginx-proxy.conf.j2 b/roles/docker-bigbluebutton/templates/nginx-proxy.conf.j2
new file mode 100644
index 00000000..9a2d7f34
--- /dev/null
+++ b/roles/docker-bigbluebutton/templates/nginx-proxy.conf.j2
@@ -0,0 +1,30 @@
+server
+{
+ server_name {{domain}};
+
+ {% include 'roles/native-letsencrypt/templates/ssl_header.j2' %}
+
+ {% with http_port=http_port_II %}
+ {% include 'roles/native-docker-reverse-proxy/templates/proxy_pass.conf.j2' %}
+ {% endwith %}
+
+ location {{relative_url_root}} {
+ proxy_pass http://127.0.0.1:{{http_port_I}};
+
+ # headers
+ proxy_set_header Host $host;
+ proxy_set_header X-Real-IP $remote_addr;
+ proxy_set_header X-Forwarded-Proto https;
+ proxy_set_header X-Forwarded-Port 443;
+
+ # deactivate buffering
+ proxy_buffering off;
+ proxy_request_buffering off;
+
+ # timeouts
+ proxy_connect_timeout 1s;
+ proxy_send_timeout 900s;
+ proxy_read_timeout 900s;
+ send_timeout 900s;
+ }
+}
diff --git a/roles/docker-bigbluebutton/vars/main.yml b/roles/docker-bigbluebutton/vars/main.yml
index 01b26970..e3e48a67 100644
--- a/roles/docker-bigbluebutton/vars/main.yml
+++ b/roles/docker-bigbluebutton/vars/main.yml
@@ -1 +1,2 @@
docker_compose_bigbluebutton_path: "/home/administrator/docker-compose/bigbluebutton/"
+relative_url_root: "/b/"
\ No newline at end of file