bbb role?

author: Sacha Chua <sacha@sachachua.com> 2025-01-23 09:01:12 -0500
committer: Sacha Chua <sacha@sachachua.com> 2025-01-23 09:01:12 -0500
commit: 802e2341157a5a6a74022acb49ccf81d4e075deb (patch)
tree: 8d01cd7f49eb988849882f99049aac2a75d57fe1
parent: 1a75fcb89d54225ae67f34b3a2894e7cf9021815 (diff)
download: emacsconf-ansible-802e2341157a5a6a74022acb49ccf81d4e075deb.tar.xz
emacsconf-ansible-802e2341157a5a6a74022acb49ccf81d4e075deb.zip
10 files changed, 330 insertions, 0 deletions
diff --git a/common-playbook.yml b/common-playbook.yml
index a523a22..85eb5bd 100644
--- a/common-playbook.yml
+++ b/common-playbook.yml
@@ -56,6 +56,11 @@
   tags: media
   roles:
     - media
+- name: Set up BigBlueButton
+  hosts: bbb
+  tags: bbb
+  roles:
+    - bbb
 - name: Set up OBS
   hosts: obs
   tags: obs
diff --git a/roles/bbb/README.md b/roles/bbb/README.md
new file mode 100644
index 0000000..225dd44
--- /dev/null
+++ b/roles/bbb/README.md
@@ -0,0 +1,38 @@
+Role Name
+=========
+
+A brief description of the role goes here.
+
+Requirements
+------------
+
+Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
+
+Role Variables
+--------------
+
+A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
+
+Dependencies
+------------
+
+A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
+
+Example Playbook
+----------------
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      roles:
+         - { role: username.rolename, x: 42 }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).
diff --git a/roles/bbb/defaults/main.yml b/roles/bbb/defaults/main.yml
new file mode 100644
index 0000000..17c44b0
--- /dev/null
+++ b/roles/bbb/defaults/main.yml
@@ -0,0 +1,4 @@
+bbb_docker_repo_dir: /data/emacsconf/shared/bbb-docker-repo
+bbb_docker_dir: /data/emacsconf/shared/bbb-docker
+bbb_domain: bbb.emacsverse.org
+bbb_ip: 207.66.177.26
diff --git a/roles/bbb/handlers/main.yml b/roles/bbb/handlers/main.yml
new file mode 100644
index 0000000..40aff70
--- /dev/null
+++ b/roles/bbb/handlers/main.yml
@@ -0,0 +1,2 @@
+---
+# handlers file for bbb
diff --git a/roles/bbb/meta/main.yml b/roles/bbb/meta/main.yml
new file mode 100644
index 0000000..c572acc
--- /dev/null
+++ b/roles/bbb/meta/main.yml
@@ -0,0 +1,52 @@
+galaxy_info:
+  author: your name
+  description: your role description
+  company: your company (optional)
+
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+
+  # Choose a valid license ID from https://spdx.org - some suggested licenses:
+  # - BSD-3-Clause (default)
+  # - MIT
+  # - GPL-2.0-or-later
+  # - GPL-3.0-only
+  # - Apache-2.0
+  # - CC-BY-4.0
+  license: license (GPL-2.0-or-later, MIT, etc)
+
+  min_ansible_version: 2.1
+
+  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  # min_ansible_container_version:
+
+  #
+  # Provide a list of supported platforms, and for each platform a list of versions.
+  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+  # To view available platforms and versions (or releases), visit:
+  # https://galaxy.ansible.com/api/v1/platforms/
+  #
+  # platforms:
+  # - name: Fedora
+  #   versions:
+  #   - all
+  #   - 25
+  # - name: SomePlatform
+  #   versions:
+  #   - all
+  #   - 1.0
+  #   - 7
+  #   - 99.99
+
+  galaxy_tags: []
+    # List tags for your role here, one per line. A tag is a keyword that describes
+    # and categorizes the role. Users find roles by searching for tags. Be sure to
+    # remove the '[]' above, if you add tags to this list.
+    #
+    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+    #       Maximum 20 tags per role.
+
+dependencies: []
+  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+  # if you add dependencies to this list.
diff --git a/roles/bbb/tasks/main.yml b/roles/bbb/tasks/main.yml
new file mode 100644
index 0000000..1a4b115
--- /dev/null
+++ b/roles/bbb/tasks/main.yml
@@ -0,0 +1,18 @@
+---
+- name: Create group
+  group:
+    name: "{{ emacsconf_group }}"
+    state: present
+- name: Create user
+  user:
+    name: "{{ emacsconf_user }}"
+    group: "{{ emacsconf_group }}"
+    state: present
+- name: Add public key for authorized access
+  ansible.posix.authorized_key:
+    user: "{{ emacsconf_user }}"
+    state: present
+    key: '{{ item }}'
+  with_file:
+    - ../../base/files/keys/sachac
+    - ../../base/files/keys/orga
diff --git a/roles/bbb/templates/env.template b/roles/bbb/templates/env.template
new file mode 100644
index 0000000..65e8770
--- /dev/null
+++ b/roles/bbb/templates/env.template
@@ -0,0 +1,202 @@
+# ====================================
+# ADDITIONS to BigBlueButton
+# ====================================
+# (place a '#' before to disable them)
+
+# HTTPS Proxy
+# fully automated Lets Encrypt certificates
+ENABLE_HTTPS_PROXY=true
+# If your network doesn't allow access to DNS at 8.8.8.8 specify your own resolvers
+#RESOLVER_ADDRESS=x.x.x.x
+
+# coturn (a TURN Server)
+# requires either the abhove HTTPS Proxy to be enabled
+# or TLS certificates to be mounted to container
+ENABLE_COTURN=true
+#COTURN_TLS_CERT_PATH=
+#COTURN_TLS_KEY_PATH=
+
+# Greenlight Frontend
+# https://docs.bigbluebutton.org/greenlight/gl-overview.html
+ENABLE_GREENLIGHT=true
+
+# Enable Webhooks
+# used by some integrations
+#ENABLE_WEBHOOKS=true
+
+# Prometheus Exporter
+# serves the bigbluebutton-exporter under following URL:
+# https://yourdomain/bbb-exporter
+#ENABLE_PROMETHEUS_EXPORTER=true
+#ENABLE_PROMETHEUS_EXPORTER_OPTIMIZATION=true
+
+# Recording
+# IMPORTANT: this is currently a big privacy issues, because it will
+# record everything which happens in the conference, even when the button
+# suggets, that it does not.
+# https://github.com/bigbluebutton/bigbluebutton/issues/9202
+# make sure that you get peoples consent, before they join a room
+ENABLE_RECORDING=true
+#REMOVE_OLD_RECORDING=false
+#RECORDING_MAX_AGE_DAYS=14
+
+# ====================================
+# SECRETS
+# ====================================
+# important! change these to any random values
+SHARED_SECRET={{ bbb_shared_secret }}
+ETHERPAD_API_KEY={{ bbb_etherpad_api_key }}
+RAILS_SECRET={{ bbb_rails_secret }}
+POSTGRESQL_SECRET={{ bbb_postgresql_secret }}
+FSESL_PASSWORD={{ bbb_fsesl_password }}
+
+
+
+# ====================================
+# CONNECTION
+# ====================================
+
+DOMAIN={{ bbb_domain }}
+
+EXTERNAL_IPv4={{ bbb_ip }}
+EXTERNAL_IPv6=
+
+# STUN SERVER
+# stun.freeswitch.org
+STUN_IP={{ bbb_ip }}
+STUN_PORT=3478
+
+# TURN SERVER
+# uncomment and adjust following two lines to add an external TURN server
+TURN_SERVER=turns:{{ bbb_domain }}:5349?transport=tcp
+TURN_SECRET={{ bbb_turn_secret }}
+
+# Allowed SIP IPs
+# due to high traffic caused by bots, by default the SIP port is blocked.
+# but you can allow access by your providers IP or IP ranges (comma seperated)
+# Hint: if you want to allow requests from every IP, you can use 0.0.0.0/0
+SIP_IP_ALLOWLIST=
+
+
+# ====================================
+# CUSTOMIZATION
+# ====================================
+
+CLIENT_TITLE=BigBlueButton
+
+# use following lines to replace the default welcome message and footer
+WELCOME_MESSAGE="Welcome to <b>%%CONFNAME%%</b>!<br><br>For help on using BigBlueButton see these (short) <a href='https://www.bigbluebutton.org/html5' target='_blank'><u>tutorial videos</u></a>.<br><br>To join the audio bridge click the speaker button.  Use a headset to avoid causing background noise for others."
+WELCOME_FOOTER="This server is running <a href='https://docs.bigbluebutton.org/'' target='_blank'><u>BigBlueButton</u></a>."
+
+# use following line for an additional SIP dial-in message
+#WELCOME_FOOTER="This server is running <a href='https://docs.bigbluebutton.org/' target='_blank'><u>BigBlueButton</u></a>. <br><br>To join this meeting by phone, dial:<br>  INSERT_YOUR_PHONE_NUMBER_HERE<br>Then enter %%CONFNUM%% as the conference PIN number."
+
+# for a different default presentation, place the pdf file in ./conf/ and
+# adjust the following path
+DEFAULT_PRESENTATION=./mod/nginx/default.pdf
+
+# language of sound announcements
+# options:
+# - en-ca-june - EN Canadian June
+# - en-us-allison - US English Allison
+# - en-us-callie - US English Callie (default)
+# - de-de-daedalus3 - German by Daedalus3 (https://github.com/Daedalus3/freeswitch-german-soundfiles)
+# - es-ar-mario - Spanish/Argentina Mario
+# - fr-ca-june - FR Canadian June
+# - pt-br-karina - Brazilian Portuguese Karina
+# - ru-RU-elena - RU Russian Elena
+# - ru-RU-kirill - RU Russian Kirill
+# - ru-RU-vika - RU Russian Viktoriya
+# - sv-se-jakob - Swedish (Sweden) Jakob
+# - zh-cn-sinmei - Chinese/China Sinmei
+# - zh-hk-sinmei - Chinese/Hong Kong Sinmei
+SOUNDS_LANGUAGE=en-us-callie
+
+# set to false to disable listenOnlyMode
+LISTEN_ONLY_MODE=true
+
+# set to true to disable echo test
+DISABLE_ECHO_TEST=false
+
+# set to true to automatically share webcam
+AUTO_SHARE_WEBCAM=false
+
+# set to true to disable video preview for webcam sharing
+DISABLE_VIDEO_PREVIEW=false
+
+# set to false to disable chat
+CHAT_ENABLED=true
+
+# set to true to start chat closed
+CHAT_START_CLOSED=false
+
+# set to true to disable announcements "You are now (un-)muted"
+DISABLE_SOUND_MUTED=false
+
+# set to true to disable announcement "You are the only person in this conference"
+DISABLE_SOUND_ALONE=false
+
+# maximum count of breakout rooms per meeting
+# Warning: increasing the limit of breakout rooms per meeting
+# can generate excessive overhead to the server. We recommend
+# this value to be kept under 12.
+BREAKOUTROOM_LIMIT=8
+
+# set to false to disable the learning dashboard
+ENABLE_LEARNING_DASHBOARD=true
+
+# ====================================
+# Tuning
+# ====================================
+# Default = 2; Min = 1; Max = 4
+# On powerful systems with high number of meetings you can set values up to 4 to accelerate handling of events
+NUMBER_OF_BACKEND_NODEJS_PROCESSES=2
+
+# Default = 2; Min = 1; Max = 8
+# Set a number between 1 and 4 times the value of NUMBER_OF_BACKEND_NODEJS_PROCESSES where higher number helps with meetings
+# stretching the recommended number of users in BigBlueButton
+NUMBER_OF_FRONTEND_NODEJS_PROCESSES=2
+
+
+# ====================================
+# GREENLIGHT CONFIGURATION
+# ====================================
+
+### SMTP CONFIGURATION
+# Emails are required for the basic features of Greenlight to function.
+# Please refer to your SMTP provider to get the values for the variables below
+#SMTP_SENDER_EMAIL=
+#SMTP_SENDER_NAME=
+#SMTP_SERVER=
+#SMTP_PORT=
+#SMTP_DOMAIN=bbb.emacsverse.org
+#SMTP_USERNAME=
+#SMTP_PASSWORD=
+#SMTP_AUTH=
+#SMTP_STARTTLS_AUTO=true
+#SMTP_STARTTLS=false
+#SMTP_TLS=false
+#SMTP_SSL_VERIFY=true
+
+### EXTERNAL AUTHENTICATION METHODS
+#
+#OPENID_CONNECT_CLIENT_ID=
+#OPENID_CONNECT_CLIENT_SECRET=
+#OPENID_CONNECT_ISSUER=
+#OPENID_CONNECT_REDIRECT=
+
+# To enable hCaptcha on the user sign up and sign in, define these 2 keys
+#HCAPTCHA_SITE_KEY=
+#HCAPTCHA_SECRET_KEY=
+
+# Set these if you are using a Simple Storage Service (S3)
+# Uncomment S3_ENDPOINT only if you are using a S3 OTHER than Amazon Web Service (AWS) S3.
+#S3_ACCESS_KEY_ID=
+#S3_SECRET_ACCESS_KEY=
+#S3_REGION=
+#S3_BUCKET=
+#S3_ENDPOINT=
+
+# Define the default locale language code (i.e. 'en' for English) from the fallowing list:
+#  [en, ar, fr, es]
+#DEFAULT_LOCALE=en
diff --git a/roles/bbb/tests/inventory b/roles/bbb/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/roles/bbb/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
diff --git a/roles/bbb/tests/test.yml b/roles/bbb/tests/test.yml
new file mode 100644
index 0000000..72d74f0
--- /dev/null
+++ b/roles/bbb/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - bbb
diff --git a/roles/bbb/vars/main.yml b/roles/bbb/vars/main.yml
new file mode 100644
index 0000000..de701b8
--- /dev/null
+++ b/roles/bbb/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for bbb
author	Sacha Chua <sacha@sachachua.com>	2025-01-23 09:01:12 -0500
committer	Sacha Chua <sacha@sachachua.com>	2025-01-23 09:01:12 -0500
commit	802e2341157a5a6a74022acb49ccf81d4e075deb (patch)
tree	8d01cd7f49eb988849882f99049aac2a75d57fe1
parent	1a75fcb89d54225ae67f34b3a2894e7cf9021815 (diff)
download	emacsconf-ansible-802e2341157a5a6a74022acb49ccf81d4e075deb.tar.xz emacsconf-ansible-802e2341157a5a6a74022acb49ccf81d4e075deb.zip