diff options
Diffstat (limited to 'roles')
31 files changed, 625 insertions, 27 deletions
diff --git a/roles/bbb/README.md b/roles/bbb/README.md new file mode 100644 index 0000000..225dd44 --- /dev/null +++ b/roles/bbb/README.md @@ -0,0 +1,38 @@ +Role Name +========= + +A brief description of the role goes here. + +Requirements +------------ + +Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. + +Role Variables +-------------- + +A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. + +Dependencies +------------ + +A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. + +Example Playbook +---------------- + +Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too: + + - hosts: servers + roles: + - { role: username.rolename, x: 42 } + +License +------- + +BSD + +Author Information +------------------ + +An optional section for the role authors to include contact information, or a website (HTML is not allowed). diff --git a/roles/bbb/defaults/main.yml b/roles/bbb/defaults/main.yml new file mode 100644 index 0000000..17c44b0 --- /dev/null +++ b/roles/bbb/defaults/main.yml @@ -0,0 +1,4 @@ +bbb_docker_repo_dir: /data/emacsconf/shared/bbb-docker-repo +bbb_docker_dir: /data/emacsconf/shared/bbb-docker +bbb_domain: bbb.emacsverse.org +bbb_ip: 207.66.177.26 diff --git a/roles/bbb/handlers/main.yml b/roles/bbb/handlers/main.yml new file mode 100644 index 0000000..40aff70 --- /dev/null +++ b/roles/bbb/handlers/main.yml @@ -0,0 +1,2 @@ +--- +# handlers file for bbb diff --git a/roles/bbb/meta/main.yml b/roles/bbb/meta/main.yml new file mode 100644 index 0000000..c572acc --- /dev/null +++ b/roles/bbb/meta/main.yml @@ -0,0 +1,52 @@ +galaxy_info: + author: your name + description: your role description + company: your company (optional) + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: license (GPL-2.0-or-later, MIT, etc) + + min_ansible_version: 2.1 + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. + +dependencies: [] + # List your role dependencies here, one per line. Be sure to remove the '[]' above, + # if you add dependencies to this list. diff --git a/roles/bbb/tasks/main.yml b/roles/bbb/tasks/main.yml new file mode 100644 index 0000000..1a4b115 --- /dev/null +++ b/roles/bbb/tasks/main.yml @@ -0,0 +1,18 @@ +--- +- name: Create group + group: + name: "{{ emacsconf_group }}" + state: present +- name: Create user + user: + name: "{{ emacsconf_user }}" + group: "{{ emacsconf_group }}" + state: present +- name: Add public key for authorized access + ansible.posix.authorized_key: + user: "{{ emacsconf_user }}" + state: present + key: '{{ item }}' + with_file: + - ../../base/files/keys/sachac + - ../../base/files/keys/orga diff --git a/roles/bbb/templates/env.template b/roles/bbb/templates/env.template new file mode 100644 index 0000000..65e8770 --- /dev/null +++ b/roles/bbb/templates/env.template @@ -0,0 +1,202 @@ +# ==================================== +# ADDITIONS to BigBlueButton +# ==================================== +# (place a '#' before to disable them) + +# HTTPS Proxy +# fully automated Lets Encrypt certificates +ENABLE_HTTPS_PROXY=true +# If your network doesn't allow access to DNS at 8.8.8.8 specify your own resolvers +#RESOLVER_ADDRESS=x.x.x.x + +# coturn (a TURN Server) +# requires either the abhove HTTPS Proxy to be enabled +# or TLS certificates to be mounted to container +ENABLE_COTURN=true +#COTURN_TLS_CERT_PATH= +#COTURN_TLS_KEY_PATH= + +# Greenlight Frontend +# https://docs.bigbluebutton.org/greenlight/gl-overview.html +ENABLE_GREENLIGHT=true + +# Enable Webhooks +# used by some integrations +#ENABLE_WEBHOOKS=true + +# Prometheus Exporter +# serves the bigbluebutton-exporter under following URL: +# https://yourdomain/bbb-exporter +#ENABLE_PROMETHEUS_EXPORTER=true +#ENABLE_PROMETHEUS_EXPORTER_OPTIMIZATION=true + +# Recording +# IMPORTANT: this is currently a big privacy issues, because it will +# record everything which happens in the conference, even when the button +# suggets, that it does not. +# https://github.com/bigbluebutton/bigbluebutton/issues/9202 +# make sure that you get peoples consent, before they join a room +ENABLE_RECORDING=true +#REMOVE_OLD_RECORDING=false +#RECORDING_MAX_AGE_DAYS=14 + +# ==================================== +# SECRETS +# ==================================== +# important! change these to any random values +SHARED_SECRET={{ bbb_shared_secret }} +ETHERPAD_API_KEY={{ bbb_etherpad_api_key }} +RAILS_SECRET={{ bbb_rails_secret }} +POSTGRESQL_SECRET={{ bbb_postgresql_secret }} +FSESL_PASSWORD={{ bbb_fsesl_password }} + + + +# ==================================== +# CONNECTION +# ==================================== + +DOMAIN={{ bbb_domain }} + +EXTERNAL_IPv4={{ bbb_ip }} +EXTERNAL_IPv6= + +# STUN SERVER +# stun.freeswitch.org +STUN_IP={{ bbb_ip }} +STUN_PORT=3478 + +# TURN SERVER +# uncomment and adjust following two lines to add an external TURN server +TURN_SERVER=turns:{{ bbb_domain }}:5349?transport=tcp +TURN_SECRET={{ bbb_turn_secret }} + +# Allowed SIP IPs +# due to high traffic caused by bots, by default the SIP port is blocked. +# but you can allow access by your providers IP or IP ranges (comma seperated) +# Hint: if you want to allow requests from every IP, you can use 0.0.0.0/0 +SIP_IP_ALLOWLIST= + + +# ==================================== +# CUSTOMIZATION +# ==================================== + +CLIENT_TITLE=BigBlueButton + +# use following lines to replace the default welcome message and footer +WELCOME_MESSAGE="Welcome to <b>%%CONFNAME%%</b>!<br><br>For help on using BigBlueButton see these (short) <a href='https://www.bigbluebutton.org/html5' target='_blank'><u>tutorial videos</u></a>.<br><br>To join the audio bridge click the speaker button. Use a headset to avoid causing background noise for others." +WELCOME_FOOTER="This server is running <a href='https://docs.bigbluebutton.org/'' target='_blank'><u>BigBlueButton</u></a>." + +# use following line for an additional SIP dial-in message +#WELCOME_FOOTER="This server is running <a href='https://docs.bigbluebutton.org/' target='_blank'><u>BigBlueButton</u></a>. <br><br>To join this meeting by phone, dial:<br> INSERT_YOUR_PHONE_NUMBER_HERE<br>Then enter %%CONFNUM%% as the conference PIN number." + +# for a different default presentation, place the pdf file in ./conf/ and +# adjust the following path +DEFAULT_PRESENTATION=./mod/nginx/default.pdf + +# language of sound announcements +# options: +# - en-ca-june - EN Canadian June +# - en-us-allison - US English Allison +# - en-us-callie - US English Callie (default) +# - de-de-daedalus3 - German by Daedalus3 (https://github.com/Daedalus3/freeswitch-german-soundfiles) +# - es-ar-mario - Spanish/Argentina Mario +# - fr-ca-june - FR Canadian June +# - pt-br-karina - Brazilian Portuguese Karina +# - ru-RU-elena - RU Russian Elena +# - ru-RU-kirill - RU Russian Kirill +# - ru-RU-vika - RU Russian Viktoriya +# - sv-se-jakob - Swedish (Sweden) Jakob +# - zh-cn-sinmei - Chinese/China Sinmei +# - zh-hk-sinmei - Chinese/Hong Kong Sinmei +SOUNDS_LANGUAGE=en-us-callie + +# set to false to disable listenOnlyMode +LISTEN_ONLY_MODE=true + +# set to true to disable echo test +DISABLE_ECHO_TEST=false + +# set to true to automatically share webcam +AUTO_SHARE_WEBCAM=false + +# set to true to disable video preview for webcam sharing +DISABLE_VIDEO_PREVIEW=false + +# set to false to disable chat +CHAT_ENABLED=true + +# set to true to start chat closed +CHAT_START_CLOSED=false + +# set to true to disable announcements "You are now (un-)muted" +DISABLE_SOUND_MUTED=false + +# set to true to disable announcement "You are the only person in this conference" +DISABLE_SOUND_ALONE=false + +# maximum count of breakout rooms per meeting +# Warning: increasing the limit of breakout rooms per meeting +# can generate excessive overhead to the server. We recommend +# this value to be kept under 12. +BREAKOUTROOM_LIMIT=8 + +# set to false to disable the learning dashboard +ENABLE_LEARNING_DASHBOARD=true + +# ==================================== +# Tuning +# ==================================== +# Default = 2; Min = 1; Max = 4 +# On powerful systems with high number of meetings you can set values up to 4 to accelerate handling of events +NUMBER_OF_BACKEND_NODEJS_PROCESSES=2 + +# Default = 2; Min = 1; Max = 8 +# Set a number between 1 and 4 times the value of NUMBER_OF_BACKEND_NODEJS_PROCESSES where higher number helps with meetings +# stretching the recommended number of users in BigBlueButton +NUMBER_OF_FRONTEND_NODEJS_PROCESSES=2 + + +# ==================================== +# GREENLIGHT CONFIGURATION +# ==================================== + +### SMTP CONFIGURATION +# Emails are required for the basic features of Greenlight to function. +# Please refer to your SMTP provider to get the values for the variables below +#SMTP_SENDER_EMAIL= +#SMTP_SENDER_NAME= +#SMTP_SERVER= +#SMTP_PORT= +#SMTP_DOMAIN=bbb.emacsverse.org +#SMTP_USERNAME= +#SMTP_PASSWORD= +#SMTP_AUTH= +#SMTP_STARTTLS_AUTO=true +#SMTP_STARTTLS=false +#SMTP_TLS=false +#SMTP_SSL_VERIFY=true + +### EXTERNAL AUTHENTICATION METHODS +# +#OPENID_CONNECT_CLIENT_ID= +#OPENID_CONNECT_CLIENT_SECRET= +#OPENID_CONNECT_ISSUER= +#OPENID_CONNECT_REDIRECT= + +# To enable hCaptcha on the user sign up and sign in, define these 2 keys +#HCAPTCHA_SITE_KEY= +#HCAPTCHA_SECRET_KEY= + +# Set these if you are using a Simple Storage Service (S3) +# Uncomment S3_ENDPOINT only if you are using a S3 OTHER than Amazon Web Service (AWS) S3. +#S3_ACCESS_KEY_ID= +#S3_SECRET_ACCESS_KEY= +#S3_REGION= +#S3_BUCKET= +#S3_ENDPOINT= + +# Define the default locale language code (i.e. 'en' for English) from the fallowing list: +# [en, ar, fr, es] +#DEFAULT_LOCALE=en diff --git a/roles/bbb/tests/inventory b/roles/bbb/tests/inventory new file mode 100644 index 0000000..878877b --- /dev/null +++ b/roles/bbb/tests/inventory @@ -0,0 +1,2 @@ +localhost + diff --git a/roles/bbb/tests/test.yml b/roles/bbb/tests/test.yml new file mode 100644 index 0000000..72d74f0 --- /dev/null +++ b/roles/bbb/tests/test.yml @@ -0,0 +1,5 @@ +--- +- hosts: localhost + remote_user: root + roles: + - bbb diff --git a/roles/bbb/vars/main.yml b/roles/bbb/vars/main.yml new file mode 100644 index 0000000..de701b8 --- /dev/null +++ b/roles/bbb/vars/main.yml @@ -0,0 +1,2 @@ +--- +# vars file for bbb diff --git a/roles/caption/tasks/main.yml b/roles/caption/tasks/main.yml index d3ee4c0..96b3198 100644 --- a/roles/caption/tasks/main.yml +++ b/roles/caption/tasks/main.yml @@ -6,17 +6,20 @@ - cmake - jq - inotify-tools + - pipx - name: Install whisper - ansible.builtin.pip: + community.general.pipx: name: git+https://github.com/openai/whisper.git - name: Install Python packages - ansible.builtin.pip: - name: - - lhotse - - webvtt-py - - tqdm - - torchaudio - - num2words + community.general.pipx: + name: "{{ item }}" + install_deps: true + loop: + - lhotse + - webvtt-py + - tqdm + - torchaudio + - num2words - name: Set up aeneas include_tasks: aeneas.yml - name: Create group diff --git a/roles/edit/templates/emacsconf-edit.el b/roles/edit/templates/emacsconf-edit.el index 65e15b7..603d0a3 100644 --- a/roles/edit/templates/emacsconf-edit.el +++ b/roles/edit/templates/emacsconf-edit.el @@ -85,6 +85,8 @@ (find-file "{{ emacsconf_private_dir }}/conf.org") (setq emacsconf-cache-dir "{{ emacsconf_caption_dir }}/cache") +(setq case-fold-search t) (emacsconf-add-org-after-todo-state-change-hook) +(setq emacsconf-publishing-phase 'conference) (unless noninteractive (emacsconf-erc-connect)) (setq tab-width 2) diff --git a/roles/live/tasks/main.yml b/roles/live/tasks/main.yml index cb0029a..8ff5903 100644 --- a/roles/live/tasks/main.yml +++ b/roles/live/tasks/main.yml @@ -7,3 +7,11 @@ loop: - "{{ emacsconf_year }}" - "{{ emacsconf_year }}/watch" +- name: Set up nginx.conf + template: + src: live.emacsconf.org.conf + dest: /etc/nginx/sites-available/live.emacsconf.org +- name: Reload nginx + service: + name: nginx + state: reloaded diff --git a/roles/media/tasks/main.yml b/roles/media/tasks/main.yml index 8cd854d..e9daaef 100644 --- a/roles/media/tasks/main.yml +++ b/roles/media/tasks/main.yml @@ -11,6 +11,10 @@ file: path: /var/www/{{ media_server_name }}/{{ emacsconf_year }}/backstage state: directory +- name: Ensure current directory exists + file: + path: /var/www/{{ media_server_name }}/{{ emacsconf_year }}/current + state: directory - name: Create group group: name: "{{ emacsconf_group }}" @@ -68,3 +72,48 @@ service: name: nginx state: reloaded +- name: Symlink the current year's backstage directory + file: + src: /var/www/{{ media_server_name }}/{{ emacsconf_year }}/backstage + dest: "~{{ emacsconf_user }}/backstage" + owner: "{{ emacsconf_user }}" + group: "{{ emacsconf_group }}" + state: link +- name: Symlink the current year's directory + file: + src: /var/www/{{ media_server_name }}/{{ emacsconf_year }} + dest: "~{{ emacsconf_user }}/{{ emacsconf_year }}" + owner: "{{ emacsconf_user }}" + group: "{{ emacsconf_group }}" + state: link +- name: Symlink the current year's directory as current + file: + src: /var/www/{{ media_server_name }}/{{ emacsconf_year }} + dest: "~{{ emacsconf_user }}/current" + owner: "{{ emacsconf_user }}" + group: "{{ emacsconf_group }}" + state: link +- name: Create the bin directory + tags: media-scripts + file: + state: directory + path: "~{{ emacsconf_user }}/bin" + owner: "{{ emacsconf_user }}" + group: "{{ emacsconf_group }}" +- name: Add the bin directory to the path + tags: media-scripts + lineinfile: + dest: "~{{ emacsconf_user }}/.bashrc" + state: present + line: "export PATH=$PATH:~/bin" +- name: Create batch scripts + tags: media-scripts + template: + src: "{{ item }}" + dest: "~{{ emacsconf_user }}/bin/{{ item }}" + owner: "{{ emacsconf_user }}" + group: "{{ emacsconf_group }}" + mode: 0755 + loop: + - bbb-open + - bbb-before diff --git a/roles/media/templates/nginx-include b/roles/media/templates/nginx-include index f80ed76..4d1eabe 100644 --- a/roles/media/templates/nginx-include +++ b/roles/media/templates/nginx-include @@ -12,15 +12,30 @@ location /{{ emacsconf_year }}/backstage { expires off; etag off; } + location ~* \.vtt$ { + add_header Cache-Control "no-cache, no-store, must-revalidate"; + add_header Pragma "no-cache"; + add_header Expires "0"; + } + location /{{ emacsconf_year }}/{{ emacsconf_id }}.ics { - auth_basic off; - } + auth_basic off; + add_header Cache-Control "no-cache, no-store, must-revalidate"; + add_header Pragma "no-cache"; + add_header Expires "0"; +} location /{{ emacsconf_year }}/schedules/ { auth_basic off; + add_header Cache-Control "no-cache, no-store, must-revalidate"; + add_header Pragma "no-cache"; + add_header Expires "0"; } {% for track in emacsconf_tracks %} location /{{ emacsconf_year }}/{{ emacsconf_id }}-{{ track.id }}.ics { auth_basic off; + add_header Cache-Control "no-cache, no-store, must-revalidate"; + add_header Pragma "no-cache"; + add_header Expires "0"; } {% endfor %} {% if media_protect_root %} diff --git a/roles/media/templates/nginx-site-config b/roles/media/templates/nginx-site-config index 4dbdaaa..ba25cba 100644 --- a/roles/media/templates/nginx-site-config +++ b/roles/media/templates/nginx-site-config @@ -2,4 +2,9 @@ server { listen 80; server_name {{ media_server_name }}; root /var/www/{{ media_server_name }}; -}
\ No newline at end of file + location ~* \.vtt$ { + add_header Cache-Control "no-cache, no-store, must-revalidate"; + add_header Pragma "no-cache"; + add_header Expires "0"; + } +} diff --git a/roles/obs/templates/emacsconf-stream-config.el b/roles/obs/templates/emacsconf-stream-config.el index bd5ffd7..2aa886b 100644 --- a/roles/obs/templates/emacsconf-stream-config.el +++ b/roles/obs/templates/emacsconf-stream-config.el @@ -13,7 +13,9 @@ (setq emacsconf-stream-track "{{ item.name }}") (autoload 'text-property-search-forward "text-property-search") (add-to-list 'load-path "~/emacsconf-el") +(setq tab-width 2) +(setq case-fold-search t) +(setq emacsconf-cache-dir "{{ emacsconf_caption_dir }}/cache") (require 'emacsconf) (require 'emacsconf-stream) (emacsconf-stream-display-clock-and-countdown) -(setq tab-width 2) diff --git a/roles/obs/templates/intro b/roles/obs/templates/intro index bf02dc3..7af9c4c 100755 --- a/roles/obs/templates/intro +++ b/roles/obs/templates/intro @@ -8,7 +8,7 @@ fi SLUG=$1 FILE=$1 if [[ ! -f $FILE ]]; then - LIST=({{ emacsconf_caption_dir }}/assets/stream/emacsconf-{{ emacsconf_year }}-$FILE--*.webm) + LIST=({{ emacsconf_caption_dir }}/cache/emacsconf-{{ emacsconf_year }}-$FILE--*.webm) FILE="${LIST[0]}" BY_SLUG=1 else @@ -16,8 +16,8 @@ else fi shift overlay $SLUG -if [[ -f {{ emacsconf_caption_dir }}/assets/intros/$SLUG.webm ]]; then - mpv {{ emacsconf_caption_dir }}/assets/intros/$SLUG.webm +if [[ -f "$FILE" ]]; then + mpv "$FILE" else firefox {{ emacsconf_caption_dir }}/assets/in-between/$SLUG.png fi diff --git a/roles/obs/templates/music b/roles/obs/templates/music index 3e729ec..a5a6a31 100755 --- a/roles/obs/templates/music +++ b/roles/obs/templates/music @@ -1,5 +1,5 @@ if screen -list | grep -q background; then echo "Already running in screen, attach with screen -x background" else - screen -dmS background /bin/bash -c "mpv {{ background_music_dir }}/* --shuffle --loop=inf --volume={{ background_music_volume }}" + screen -dmS background /bin/bash -c "mpv {{ background_music_dir }}/* --shuffle --loop-playlist=inf --volume={{ background_music_volume }}" fi diff --git a/roles/obs/templates/play b/roles/obs/templates/play index e205b46..69632d4 100755 --- a/roles/obs/templates/play +++ b/roles/obs/templates/play @@ -24,7 +24,7 @@ fi # Play the video if it exists. If it doesn't exist, switch to the BBB room and stop processing. if [ "x$TEST_MODE" = "x" ]; then - LIST=($BASE_DIR/assets/stream/{{ emacsconf_id }}-{{ emacsconf_year }}-$SLUG*--main.webm) + LIST=($CACHE_DIR/{{ emacsconf_id }}-{{ emacsconf_year }}-$SLUG*--main.webm) else LIST=($BASE_DIR/assets/test/{{ emacsconf_id }}-{{ emacsconf_year }}-$SLUG*--main.webm) fi diff --git a/roles/pad/vars/main.yml b/roles/pad/vars/main.yml deleted file mode 100644 index 981efa9..0000000 --- a/roles/pad/vars/main.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -# vars file for pad diff --git a/roles/prerec/tasks/main.yml b/roles/prerec/tasks/main.yml index 5b39977..a0a3cac 100644 --- a/roles/prerec/tasks/main.yml +++ b/roles/prerec/tasks/main.yml @@ -68,10 +68,11 @@ - verify-main.sh - remux.sh - get-file-prefix + - reencode-in-screen.sh - name: Copy Makefile + tags: process-prerec, prerec-scripts, prerec-make template: src: Makefile dest: "{{ emacsconf_caption_dir }}/cache/Makefile" owner: "{{ emacsconf_user }}" group: "{{ emacsconf_group }}" - diff --git a/roles/prerec/templates/Makefile b/roles/prerec/templates/Makefile index 709a069..8579965 100644 --- a/roles/prerec/templates/Makefile +++ b/roles/prerec/templates/Makefile @@ -1,5 +1,7 @@ # {{ ansible_managed }} +# To recreate this file, use ansible-playbook -i inventory.yml prod-playbook.yml --tags prerec-make + VIDEO_EXTS = mp4 mkv webm mov source_patterns = $(foreach ext,$(VIDEO_EXTS),$(1)--original.$(ext)) @@ -11,6 +13,7 @@ PRERECS_NORMAL := $(addsuffix --normalized.opus, $(PREFIXES)) PRERECS_MAIN := $(addsuffix --main.webm, $(PREFIXES)) PRERECS_CAPTIONS := $(addsuffix --reencoded.vtt, $(PREFIXES)) PRERECS_FINAL := $(wildcard emacsconf-*--final.webm) +LINODE_BBB_ID := 67329098 .PHONY: all @@ -38,10 +41,13 @@ emacsconf-%--reencoded.webm: ./reencode-in-screen.sh "$(SOURCE)" emacsconf-%--reencoded.opus: emacsconf-%--reencoded.webm - ffmpeg -i "$<" -c:a copy "$@" + ffmpeg -y -i "$<" -c:a copy "$@" + +emacsconf-%--answers.opus: emacsconf-%--answers.webm + ffmpeg -y -i "$<" -c:a copy "$@" -emacsconf-%--normalized.opus: emacsconf-%--reencoded.opus - ffmpeg-normalize "$<" -ofmt opus -c:a libopus -o "$@" +# emacsconf-%--normalized.opus: emacsconf-%--reencoded.opus +# ffmpeg-normalize "$<" -ofmt opus -c:a libopus -o "$@" emacsconf-%--main.webm: emacsconf-%--reencoded.webm emacsconf-%--normalized.opus emacsconf-%--main.vtt ffmpeg -i emacsconf-$*--reencoded.webm -i emacsconf-$*--normalized.opus -i emacsconf-$*--main.vtt \ @@ -49,15 +55,26 @@ emacsconf-%--main.webm: emacsconf-%--reencoded.webm emacsconf-%--normalized.opus -map 2 -c:s webvtt -y \ $@ +emacsconf-%--main.webm: emacsconf-%--reencoded.webm emacsconf-%--normalized.opus + ffmpeg -i emacsconf-$*--reencoded.webm -i emacsconf-$*--normalized.opus \ + -map 0:v -map 1:a -c:v copy -c:a copy \ + -y $@ + emacsconf-%--main.webm: emacsconf-%--reencoded.webm cp "$<" "$@" emacsconf-%--final.webm: emacsconf-%--main.vtt mux-subs.sh "$@" "$<" +emacsconf-%--main.opus: emacsconf-%--main.webm + ffmpeg -y -i "$<" -c:a copy "$@" + emacsconf-%--reencoded.vtt: emacsconf-%--reencoded.opus whisperx --model large-v2 --align_model WAV2VEC2_ASR_LARGE_LV60K_960H --compute_type int8 --print_progress True --max_line_width 50 --segment_resolution chunk --max_line_count 1 --language en "$<" +emacsconf-%--backstage--silences.csv: emacsconf-%--reencoded.opus + ffmpeg -i "$<" -af silencedetect=noise=-30dB:d=0.5 -f null - 2>&1 | awk '/silence_start/ {start=$$NF} /silence_end/ {print start "," (start + $$NF)}' > "$@" + show-files: @echo "Original $(words $(PRERECS_ORIGINAL)):" @echo "$(PRERECS_ORIGINAL)" @@ -68,5 +85,37 @@ show-files: @echo "Opus $(words $(PRERECS_OPUS)):" @echo "$(PRERECS_OPUS)" +bbb-testing: + @echo "Resizing BBB node to 8GB 4 core for testing" + linode-cli linodes resize $(LINODE_BBB_ID) --type g6-standard-4 --allow_auto_disk_resize false + sleep 2m + @echo "Booting up" + linode-cli linodes boot $(LINODE_BBB_ID) + ssh root@bbb.emacsverse.org "cd ~/greenlight-v3; docker compose restart" + +bbb-dormant: + @echo "Shutting down" + ssh root@bbb.emacsverse.org "/usr/sbin/shutdown -h now &" || true + sleep 30 + @echo "Powering off BBB node" + linode-cli linodes shutdown $(LINODE_BBB_ID) + sleep 30 + @echo "Resizing BBB node to nanode, dormant" + linode-cli linodes resize $(LINODE_BBB_ID) --type g6-nanode-1 --allow_auto_disk_resize false + +bbb-prod: + @echo "Resizing BBB node to production size" + linode-cli linodes resize $(LINODE_BBB_ID) --type g6-dedicated-8 --allow_auto_disk_resize true + sleep 2m + @echo "Booting up" + linode-cli linodes boot $(LINODE_BBB_ID) + +live-dormant: + @echo "Resizing live0 node to nanode, dormant" + linode-cli linodes resize 17921960 --type g6-nanode-1 --allow_auto_disk_resize false + sleep 120 + linode-cli linodes boot 17921960 + + rsync: rsync -avzue ssh {{ emacsconf_caption_dir }}/cache/ orga@media.emacsconf.org:/var/www/media.emacsconf.org/{{ emacsconf_year }}/backstage/ diff --git a/roles/prerec/templates/copy-original.sh b/roles/prerec/templates/copy-original.sh new file mode 100755 index 0000000..854bdb8 --- /dev/null +++ b/roles/prerec/templates/copy-original.sh @@ -0,0 +1,24 @@ +#!/bin/bash +# {{ ansible_managed }} +# Usage: rename-original.sh $slug $file [$extra] +SLUG=$1 +FILE=$2 +EXTRA="" +if [ -z ${3-unset} ]; then + EXTRA="" +elif [ -n "$3" ]; then + EXTRA="$3" +elif echo "$FILE" | grep -e '\(webm\|mp4\|mov\)'; then + EXTRA="--original" +fi +filename=$(basename -- "$FILE") +extension="${filename##*.}" +filename="${filename%.*}" +FILE_PREFIX=$(get-file-prefix $SLUG) +if echo "$FILE" | grep -q \\. ; then + cp "$FILE" $FILE_PREFIX$EXTRA.$extension + echo $FILE_PREFIX$EXTRA.$extension +else + cp "$FILE" $FILE_PREFIX$EXTRA + echo $FILE_PREFIX$EXTRA +fi diff --git a/roles/prerec/templates/get-file-prefix b/roles/prerec/templates/get-file-prefix new file mode 100755 index 0000000..0240b99 --- /dev/null +++ b/roles/prerec/templates/get-file-prefix @@ -0,0 +1,10 @@ +#!/bin/bash +# {{ ansible_managed }} +# Usage: get-file-prefix $slug [talks.json] +# You can also set the TALKS_JSON environment variable + +SLUG=$1 +if [ -z "$TALKS_JSON" ]; then + TALKS_JSON=${2:-~orga/current/talks.json} +fi +jq -r '.talks[] | select(.slug=="'$SLUG'")["file-prefix"]' < $TALKS_JSON diff --git a/roles/prerec/templates/reencode-in-screen.sh b/roles/prerec/templates/reencode-in-screen.sh new file mode 100755 index 0000000..5c12203 --- /dev/null +++ b/roles/prerec/templates/reencode-in-screen.sh @@ -0,0 +1,16 @@ +#!/bin/bash +ORIGINAL=$1 +BASE="${ORIGINAL%--original.*}" +REENCODED="${BASE}--reencoded.webm" +SLUG=$(echo "$ORIGINAL" | perl -ne '/^emacsconf-[0-9]*-(.*?)--/ && print $1') +LOCK=".lock-$SLUG" + +if [ ! -f "$REENCODED" ]; then + if [ -f "$LOCK" ]; then + echo "$LOCK already exists, waiting for it" + else + touch "$LOCK" + screen -dmS reencode-$SLUG /bin/bash -c "reencode.sh \"$ORIGINAL\" \"$REENCODED\" && thumbnail.sh \"$MAIN\" && rm \"$LOCK\"" + echo "Processing $REENCODED in reencode-$SLUG" + fi +fi diff --git a/roles/prerec/templates/upload.sh b/roles/prerec/templates/upload.sh index fbf3025..09d55d9 100755 --- a/roles/prerec/templates/upload.sh +++ b/roles/prerec/templates/upload.sh @@ -2,5 +2,5 @@ # {{ ansible_managed }} scp $* orga@media.emacsconf.org:~/backstage -/data/emacsconf/admin/{{ emacsconf_year }}/scripts/publish-backstage-index.sh -rsync -avze ssh orga@media.emacsconf.org:~/backstage/ /data/emacsconf/admin/cache/ +/usr/local/bin/publish-backstage-index.sh +rsync -avze ssh orga@media.emacsconf.org:~/backstage/ /data/emacsconf/shared/{{ emacsconf_year }}/cache/ diff --git a/roles/stream/templates/lowres.sh b/roles/stream/templates/lowres.sh index 502fcb3..13d6a81 100755 --- a/roles/stream/templates/lowres.sh +++ b/roles/stream/templates/lowres.sh @@ -1,6 +1,6 @@ #!/bin/bash # {{ ansible_managed }} sleep 10 -for i in 1 2 3 4 5; do +while true; do ffmpeg -loglevel 24 -f webm -reconnect_at_eof 1 -reconnect_streamed 1 -re -i "http://localhost:{{ icecast_port }}/{{ item.id }}.webm" -vf scale="{{ icecast_lowres_scale }}" -f webm -c:a copy -b:v 500k -maxrate 1M -bufsize 1M -content_type video/webm -c:v libvpx "icecast://{{ icecast_emacsconf_user }}:{{ icecast_emacsconf_password }}@localhost:{{ icecast_port }}/{{ item.id }}-480p.webm" >> {{ icecast_restream_dir }}/{{ emacsconf_id }}-lowres-{{ item.id }}.log || sleep 5 done diff --git a/roles/upload/tasks/main.yml b/roles/upload/tasks/main.yml index ca87a1c..b63e3f1 100644 --- a/roles/upload/tasks/main.yml +++ b/roles/upload/tasks/main.yml @@ -21,6 +21,14 @@ name: - nodejs state: present +- name: Add to dehydrated.conf + become: true + lineinfile: + line: "{{ upload_server_name }}" + path: /etc/dehydrated/domains.txt +- name: Create or renew cert + command: "dehydrated --cron" + become: true - name: Create upload user become: true user: @@ -99,6 +107,19 @@ owner: "{{ upload_user }}" group: "{{ upload_group }}" recurse: true +- name: Create backup dir to use when the conference is done + file: + path: "{{ upload_done_dir }}" + owner: "{{ upload_user }}" + group: "{{ upload_group }}" + state: directory +- name: Create backup file to use when the conference is done + template: + src: index.html + owner: "{{ upload_user }}" + group: "{{ upload_group }}" + mode: 0755 + dest: "{{ upload_done_dir }}/index.html" - name: Install systemd configuration tags: system become: true @@ -109,6 +130,23 @@ group: root mode: 0755 when: not use_initd +- name: Create main configuration if needed + template: + src: nginx-site-config + dest: /etc/nginx/sites-available/{{ upload_server_name }} +- name: Make sure main configuration is enabled + file: + src: /etc/nginx/sites-available/{{ upload_server_name }} + dest: /etc/nginx/sites-enabled/{{ upload_server_name }} + owner: "{{ emacsconf_user }}" + group: "{{ emacsconf_group }}" + force: no + state: link +- name: Reload configuration + become: true + service: + name: nginx + state: reloaded - name: Restart Upload become: true when: upload_enabled diff --git a/roles/upload/templates/index.html b/roles/upload/templates/index.html new file mode 100644 index 0000000..e5d8e6e --- /dev/null +++ b/roles/upload/templates/index.html @@ -0,0 +1,7 @@ +<html> + <head> + </head> + <body> + EmacsConf is done for now, so we've turned off the file upload service. Let us know at <a href="mailto:emacsconf-org-private@gnu.org">emacsconf-org-private@gnu.org</a> if you need it back to upload something! + </body> +</html> diff --git a/roles/upload/templates/nginx-site-config b/roles/upload/templates/nginx-site-config new file mode 100644 index 0000000..48842d1 --- /dev/null +++ b/roles/upload/templates/nginx-site-config @@ -0,0 +1,46 @@ +upstream upload_emacsconf { + server 127.0.0.1:3000; +} + +server { + listen 80; + listen [::]:80; + server_name {{ upload_server_name }}; + + include snippets/well-known-acme-challenge.conf; + + location / { + return 302 https://$server_name$request_uri; + } +} + +server { + listen 443 ssl http2; + listen [::]:443 ssl http2; + server_name {{ upload_server_name }}; + + ssl_certificate /var/local/dehydrated/certs/{{ upload_server_name }}/fullchain.pem; + ssl_certificate_key /var/local/dehydrated/certs/{{ upload_server_name }}/privkey.pem; + ssl_trusted_certificate /var/local/dehydrated/certs/{{ upload_server_name }}/fullchain.pem; + include ssl_params.local; + include snippets/well-known-acme-challenge.conf; +{% if upload_enabled %} + location @upload_emacsconf { + proxy_pass http://upload_emacsconf; + proxy_http_version 1.1; + proxy_buffering off; + proxy_request_buffering off; # needs nginx version >= 1.7.11 + proxy_set_header Host $http_host; + } + location / { + #try_files $uri $uri/ @upload_emacsconf; + proxy_pass http://upload_emacsconf; + proxy_http_version 1.1; + proxy_buffering off; + proxy_request_buffering off; # needs nginx version >= 1.7.11 + proxy_set_header Host $http_host; + } + {% else %} + root {{ upload_done_dir }}; + {% endif %} +} diff --git a/roles/wiki/templates/emacsconf.setup b/roles/wiki/templates/emacsconf.setup index 2cb114f..a7d2377 100644 --- a/roles/wiki/templates/emacsconf.setup +++ b/roles/wiki/templates/emacsconf.setup @@ -200,7 +200,7 @@ atom: 1 # PageSpec controlling which pages are locked #locked_pages: '!*/Discussion' #locked_pages: 'index or edit' -locked_pages: 'edit or donate or donors' +locked_pages: 'edit or donate or donors or script.js or local.css or templates/page.tmpl' # moderatedcomments plugin # PageSpec matching users or comment locations to moderate |