Initial commit

dev
2024-12-10 21:38:48 +02:00
commit c018886969
16 changed files with 602 additions and 0 deletions

46
README.md Normal file

@@ -0,0 +1,46 @@
# Callaba Cloud install on Linux
## Requirements
- ubuntu 22.04
- docker
## Prepare
- Clone this repo
```console
git clone https://gitlab.callabacloud.com/callaba-8/linux.git
```
- Move to folder
```console
cd linux\
```
- Update packages and install requirements. Or if it clean machine you just can run
```console
bash prepare.sh
```
## Install
After requirements has been installed, run installation script and type login and password from registry
```console
bash install.sh
```
## Update
For update Callaba run update.sh
```console
bash update.sh
```
## Rollback
If something went wrong rollback app
```console
bash rollback.sh
```
## Remove
For remove. All data and images will be delete
```console
bash remove.sh
```

5
clean-db.sh Normal file

@@ -0,0 +1,5 @@
#!/bin/bash
export STACK_VERSION=$(docker ps | awk '{print $2}' | grep :.* | grep cc-api | sed 's/:/ /' | awk '{print $2}' | sed 's/-selfhosted/ /' | awk '{print $1}')
docker stop callabacloud-mongo && docker rm callabacloud-mongo && docker volume prune -f -a
sudo -E docker-compose -f docker-compose.cc-full-run-linux.yml up -d
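Review bot: `docker volume prune -f -a` on the third line deletes every unused volume on the host, not just the Mongo data volume, so named volumes belonging to unrelated projects are lost if their containers happen to be stopped. Remove only the volume this script is about, `docker volume rm callabacloud-db_data` (the name the compose file gives `db_data`). remove.sh's prune_network has the same host-wide reach with `docker network prune -f`. `STACK_VERSION` is also derived from `docker ps` without a check, so if cc-api is not running the compose file is brought up with an empty version tag.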


@@ -0,0 +1,110 @@
version: '3.9'
services:
cc-mongo:
container_name: callabacloud-mongo
image: registry.callabacloud.com/callaba-selfhosted/cc-mongo:${STACK_VERSION}-selfhosted
restart: always
network_mode: "host"
command: ["mongod", "--quiet", "--config", "/etc/mongodb.conf", "--replSet", "rs0", "--bind_ip_all", "--port", "27017"]
volumes:
- db_data:/data/db2
cc-mongo-certdb:
container_name: callabacloud-mongo-certdb
image: registry.callabacloud.com/callaba-selfhosted/cc-mongo:${STACK_VERSION}-selfhosted
restart: always
network_mode: "host"
command: ["mongod", "--quiet", "--config", "/etc/mongodb.conf", "--bind_ip_all", "--port", "27018"]
volumes:
- cert_db_data:/data/db2
cc-api:
container_name: callabacloud-api
image: registry.callabacloud.com/callaba-selfhosted/cc-api-prod:${STACK_VERSION}-selfhosted
restart: always
cap_add:
- SYS_ADMIN
devices:
- /dev/fuse
security_opt:
- apparmor:unconfined
volumes:
- records:/cc-api/recorded
- uploads:/cc-api/uploaded
- pass:/opt/volume
- certs:/cc-api/build/ssl
- configs:/cc-api/build/nginx-http-conf/
- rtmp_configs:/cc-api/build/tmp-rtmp-conf
- chunks:/mnt
- ./webrtc/livekit.yaml:/etc/livekit.yaml
- ./webrtc/egress.conf:/etc/egress.conf
- ./webrtc/ingress.conf:/etc/ingress.conf
- ./ndi-config.v1.json:/etc/ndi-config.v1.json
- ./etc-ntpsec-ntp.conf:/etc/etc-ntpsec-ntp.conf
# external
- /var/run/docker.sock:/var/run/docker.sock
- /dev/fuse:/dev/fuse
network_mode: "host"
extra_hosts:
- "localhost-event:127.0.0.1"
privileged: true
depends_on:
- cc-mongo
cc-nginx:
container_name: callabacloud-nginx
image: registry.callabacloud.com/callaba-selfhosted/cc-nginx-prod:${STACK_VERSION}-selfhosted
restart: always
volumes:
- certs:/etc/ssl/callaba/
- configs:/etc/nginx/conf.d
- rtmp_configs:/etc/nginx/rtmp_conf.d/
- chunks:/mnt
network_mode: "host"
extra_hosts:
- "localhost-event:127.0.0.1"
depends_on:
- cc-api
cc-front:
container_name: callabacloud-front
image: registry.callabacloud.com/callaba-selfhosted/cc-front-prod:${STACK_VERSION}-selfhosted
restart: always
network_mode: "host"
cc-monitoring:
image: registry.callabacloud.com/callaba-selfhosted/cc-monitoring:${STACK_VERSION}
container_name: callabacloud-monitoring
restart: always
volumes:
- /proc:/host/proc:ro
- /sys:/host/sys:ro
- /:/rootfs:ro
- grafana_data:/var/lib/grafana/
- prometheus_data:/data/
ports:
- 127.0.0.1:3031:3031
volumes:
records:
name: callabacloud-records
uploads:
name: callabacloud-uploads
db_data:
name: callabacloud-db_data
cert_db_data:
name: callabacloud-cert_db_data
pass:
name: callabacloud-pass
certs:
name: callabacloud-certs
grafana_data:
name: callabacloud-grafana_data
prometheus_data:
name: callabacloud-prometheus_data
configs:
name: callabacloud-configs
rtmp_configs:
name: callabacloud-rtmp_configs
chunks:
name: callabacloud-chunks
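Review bot: cc-api combines `privileged: true`, `apparmor:unconfined`, host networking and a bind mount of `/var/run/docker.sock`, so code execution inside the API container is equivalent to root on the host; `privileged: true` also makes the `cap_add`, `devices` and `security_opt` entries redundant. If FUSE mounting is the only requirement (an inference from `/dev/fuse`), drop `privileged: true`, keep `SYS_ADMIN` plus the device, and add a comment above the socket mount stating what the API uses the Docker API for. The same socket mount appears on ingress and egress in the webrtc compose file, with ingress also privileged. Separately, both mongod commands pass `--bind_ip_all` under host networking, so 27017 and 27018 listen on every interface, while install.sh adds a DROP rule only for 27017; binding with `--bind_ip 127.0.0.1` would not depend on the firewall at all, provided the replica-set configuration uses a loopback host name.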

57
etc-ntpsec-ntp.conf Normal file

@@ -0,0 +1,57 @@
# /etc/ntpsec/ntp.conf, configuration for ntpd; see ntp.conf(5) for help
driftfile /var/lib/ntpsec/ntp.drift
leapfile /usr/share/zoneinfo/leap-seconds.list
# To enable Network Time Security support as a server, obtain a certificate
# (e.g. with Let's Encrypt), configure the paths below, and uncomment:
# nts cert CERT_FILE
# nts key KEY_FILE
# nts enable
# You must create /var/log/ntpsec (owned by ntpsec:ntpsec) to enable logging.
#statsdir /var/log/ntpsec/
#statistics loopstats peerstats clockstats
#filegen loopstats file loopstats type day enable
#filegen peerstats file peerstats type day enable
#filegen clockstats file clockstats type day enable
# This should be maxclock 7, but the pool entries count towards maxclock.
tos maxclock 11
# Comment this out if you have a refclock and want it to be able to discipline
# the clock by itself (e.g. if the system is not connected to the network).
tos minclock 4 minsane 3
# Specify one or more NTP servers.
# Public NTP servers supporting Network Time Security:
# server time.cloudflare.com nts
#server time.apple.com nts
# Use servers from the NTP Pool Project. Approved by Ubuntu Technical Board
# on 2011-02-08 (LP: #104525). See https://www.pool.ntp.org/join.html for
# more information.
server time.apple.com iburst
#pool 0.ubuntu.pool.ntp.org iburst
#pool 1.ubuntu.pool.ntp.org iburst
#pool 2.ubuntu.pool.ntp.org iburst
#pool 3.ubuntu.pool.ntp.org iburst
# Use Ubuntu's ntp server as a fallback.
server ntp.ubuntu.com
# Access control configuration; see /usr/share/doc/ntpsec-doc/html/accopt.html
# for details.
#
# Note that "restrict" applies to both servers and clients, so a configuration
# that might be intended to block requests from certain clients could also end
# up blocking replies from your own upstream servers.
# By default, exchange time with everybody, but don't allow configuration.
restrict default kod nomodify nopeer noquery limited
# Local users may interrogate the ntp server more closely.
restrict 127.0.0.1
restrict ::1
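Review bot: Only two upstreams are active, `server time.apple.com iburst` and `server ntp.ubuntu.com`, yet `tos minclock 4 minsane 3` is kept from the distribution default that assumed the four pool lines; as I read ntp.conf(5), fewer sources than `minsane` means the daemon never selects a clock. Both active sources are also unauthenticated NTP while the NTS entries stay commented out. Enabling `server time.cloudflare.com nts` (already in the file as a comment) and adding enough sources to meet `minsane`, or lowering it, would address both. The "Use servers from the NTP Pool Project" comment now sits above a non-pool server and should be updated.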

66
install.sh Executable file

@@ -0,0 +1,66 @@
#!/bin/bash
STACK_VERSION=""
get_stack_version() {
if [ $# -gt 0 ]; then
STACK_VERSION="$1"
else
STACK_VERSION=$(curl -X 'GET' 'https://api.callabacloud.com/getCallabaCloudVersion' --header "Content-Type: application/json" -d '{"version_name":"parrot"}' | jq -r '.[].version_number')
fi
if [[ $? -ne 0 ]]; then
echo "Error: Failed to get stack version"
exit 1
fi
export STACK_VERSION
}
start_docker_compose() {
echo $STACK_VERSION
sudo -E docker-compose -f docker-compose.cc-full-run-linux.yml up -d
if [[ $? -ne 0 ]]; then
echo "Error: Failed to start docker-compose with Callaba Cloud"
exit 1
fi
sudo -E docker-compose -f webrtc/docker-compose.cc-webrtc.yml up -d
if [[ $? -ne 0 ]]; then
echo "Error: Failed to start docker-compose with Callaba Cloud"
exit 1
else
echo ' ######################################################################
########### Callaba Cloud has been installed successfully ###########
######################################################################'
fi
}
set_iptables() {
if [ ! -d /etc/iptables/ ]; then
sudo mkdir /etc/iptables/
fi
sudo chmod 666 /etc/iptables/rules.v4
sudo iptables -I INPUT -i lo -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 3000 -j DROP
sudo iptables -A INPUT -p tcp --dport 3021 -j DROP
sudo iptables -A INPUT -p tcp --dport 3031 -j DROP
sudo iptables -A INPUT -p tcp --dport 27017 -j DROP
if [[ $? -ne 0 ]]; then
echo "Error: Failed to set iptables"
exit 1
fi
sudo iptables-save > /etc/iptables/rules.v4
if [[ $? -ne 0 ]]; then
echo "Error: Failed to save iptables rules"
exit 1
fi
}
main() {
get_stack_version
start_docker_compose
set_iptables
}
main
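Review bot: `sudo chmod 666 /etc/iptables/rules.v4` in set_iptables leaves the persisted firewall rules world-writable, so any local account can change what is restored at boot. It is presumably there because the redirect in `sudo iptables-save > /etc/iptables/rules.v4` is opened by the calling shell rather than by sudo. Drop the chmod and write the file as root instead: `sudo iptables-save | sudo tee /etc/iptables/rules.v4 >/dev/null`; remove.sh's delete_rules uses the same redirect. The `$?` test after the four `-A INPUT ... -j DROP` lines reflects only the last of them. main also calls `get_stack_version` without `"$@"`, so the `$1` branch can never be taken.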

9
ndi-config.v1.json Normal file

@@ -0,0 +1,9 @@
{
"ndi": {
"machinename": "CALLABA",
"networks": {
"discovery": "",
"ips": ""
}
}
}

8
prepare.sh Normal file

@@ -0,0 +1,8 @@
#!/bin/bash
sudo apt-get update -qq >/dev/null && sudo DEBIAN_FRONTEND=noninteractive apt-get install -y curl jq iptables iptables-persistent
sudo mkdir /etc/iptables
sudo wget -qO- https://get.docker.com/ | sh
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
sudo bash install.sh
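Review bot: The docker-compose binary is written to /usr/local/bin and made executable with no integrity check, and `sudo wget -qO- https://get.docker.com/ | sh` runs a remote script unreviewed (the `sudo` there elevates wget, not `sh`). Verify the download before the `chmod +x`, for example with `sha256sum -c` against the checksum file published next to the release asset, and prefer installing Docker from its signed apt repository. `sudo mkdir /etc/iptables` should be `sudo mkdir -p /etc/iptables`, since the directory normally exists once iptables-persistent is installed on the line above.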

98
remove.sh Executable file

@@ -0,0 +1,98 @@
#!/bin/bash
stop_containers() {
local containers=$(sudo docker ps -q --filter='name=callabacloud-*')
if [[ -n "$containers" ]]; then
if sudo docker stop --time 60 $containers; then
echo "Containers stopped successfully"
else
echo "Error: Unable to stop containers" >&2
return 1
fi
else
echo "No containers to stop"
fi
}
remove_containers() {
local containers=$(sudo docker ps -a -q --filter='name=callabacloud-*')
if [[ -n "$containers" ]]; then
if sudo docker rm $containers; then
echo "Containers removed successfully"
else
echo "Error: Unable to remove containers" >&2
return 1
fi
else
echo "No containers to remove"
fi
}
remove_images() {
local images=$(sudo docker images -q --filter=reference="registry.callabacloud.com/*/*:*")
if [[ -n "$images" ]]; then
if sudo docker rmi -f $images; then
echo "Images removed successfully"
else
echo "Error: Unable to remove images" >&2
return 1
fi
else
echo "No images to remove"
fi
}
remove_volumes() {
local volumes=$(sudo docker volume list -q --filter='name=callabacloud-*')
if [[ -n "$volumes" ]]; then
if sudo docker volume rm $volumes; then
echo "Volumes removed successfully"
else
echo "Error: Unable to remove volumes" >&2
return 1
fi
else
echo "No volumes to remove"
fi
}
prune_network() {
if sudo docker network prune -f; then
echo "Network pruned successfully"
else
echo "Error: Unable to prune network" >&2
return 1
fi
}
delete_rules() {
local ports=(3000 3021 3031 27017)
for port in ${ports[@]}; do
if sudo iptables -D INPUT -p tcp --dport $port -j DROP; then
echo "Rule for port $port deleted successfully"
else
echo "Error: Unable to delete rule for port $port" >&2
fi
done
if sudo iptables-save > /etc/iptables/rules.v4; then
echo "Iptables rules saved successfully"
else
echo "Error: Unable to save iptables rules" >&2
return 1
fi
}
echo "Uninstalling Callaba Cloud has been started. Please don't stop this process. It may take about 2 minutes."
stop_containers
remove_containers
remove_images
remove_volumes
prune_network
delete_rules
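Review bot: The six top-level calls at the end ignore the `return 1` each function produces, so a failed `docker stop` still proceeds to `docker rmi -f` and `docker volume rm`, and the script exits 0 after a partial removal. Stop at the first failure, e.g. `stop_containers && remove_containers && remove_images && remove_volumes && prune_network && delete_rules || exit 1`. `local containers=$(...)` and its siblings also discard the docker command's exit status because `local` returns its own; declare and assign on separate lines. delete_rules leaves the `-I INPUT -i lo -j ACCEPT` rule that install.sh added, which is worth a comment if intentional.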

8
reset-password.sh Normal file

@@ -0,0 +1,8 @@
#!/bin/bash
source /var/lib/docker/volumes/callabacloud-pass/_data/pass.txt
NEW_PASSWORD='$2b$10$gJFKDTOstLTSF4wJF.uGbeBUhm0vBm7KlDraOkAFcdsq1YrEvk.ca'
MONGO_COMMAND="db.usermodel.updateOne({ email : 'admin' }, { \$set: { password : '${NEW_PASSWORD}' } });"
docker exec callabacloud-mongo mongo peers -u peersUser -p "$PEERSPASS" --eval "${MONGO_COMMAND}"
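Review bot: `NEW_PASSWORD` is a fixed bcrypt hash committed to the repository, so every installation that runs this script ends up with the same admin password, known to anyone who has seen the repo or the vendor's instructions. Take the new password from the operator at run time (e.g. `read -rs`) and hash it before the update, or at least require a change at first login after the reset. `-p "$PEERSPASS"` also places the database password on a command line that `ps` on the host can show, and `source` executes pass.txt as shell instead of reading one value from it.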

31
rollback.sh Normal file

@@ -0,0 +1,31 @@
#!/bin/bash
export_variable() {
export $(cut -d= -f1 last_ver.txt)
source last_ver.txt
if [[ $? -ne 0 ]]; then
echo "Error: Failed to get previous version"
exit 1
fi
echo "STACK_VERSION=$STACK_VERSION"
}
start_docker_compose() {
sudo -E docker-compose -f docker-compose.cc-full-run-linux.yml up -d
if [[ $? -ne 0 ]]; then
echo "Error: Failed to start docker-compose"
exit 1
else
echo " ######################################################################
############# Callaba Cloud has been restored to version $STACK_VERSION
######################################################################"
fi
}
main() {
export_variable
start_docker_compose
}
main
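Review bot: `source last_ver.txt` in export_variable (and the `export $(cut ...)` before it) executes whatever the file contains, and update.sh fills that file from an unvalidated HTTP response, so a malformed value becomes shell code in a script that goes on to call sudo. Read the single value and check it before use: `STACK_VERSION=$(sed -n 's/^STACK_VERSION=//p' last_ver.txt)`, then `[[ $STACK_VERSION =~ ^[0-9A-Za-z._-]+$ ]] || exit 1`, then `export STACK_VERSION`. The existing `$?` test reflects only `source`, so a missing file is caught but an empty or `null` version is not.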

55
update.sh Executable file

@@ -0,0 +1,55 @@
#!/bin/bash
write_stack_version() {
STACK_VERSION=$(curl -X 'POST' 'http://127.0.0.1/api/application/getAppInfo' -H 'accept: application/json' | jq -r '.stack_version')
if [[ $? -ne 0 ]]; then
echo "Error: Failed to get stack version from the application"
exit 1
fi
echo "STACK_VERSION=${STACK_VERSION}" > last_ver.txt
}
export_stack_version() {
if [ $# -gt 0 ]; then
STACK_VERSION="$1"
else
STACK_VERSION=$(curl -X 'GET' 'https://api.callabacloud.com/getCallabaCloudVersion' --header "Content-Type: application/json" -d '{"version_name":"parrot"}' | jq -r '.[].version_number')
fi
if [[ $? -ne 0 ]]; then
echo "Error: Failed to get stack version from Callaba Cloud"
exit 1
fi
export STACK_VERSION
}
pull_images() {
sudo -E docker pull registry.callabacloud.com/callaba-selfhosted/cc-api-prod:${STACK_VERSION}-selfhosted
sudo -E docker pull registry.callabacloud.com/callaba-selfhosted/cc-front-prod:${STACK_VERSION}-selfhosted
sudo -E docker pull registry.callabacloud.com/callaba-selfhosted/cc-nginx-prod:${STACK_VERSION}-selfhosted
sudo -E docker pull registry.callabacloud.com/callaba-selfhosted/cc-mongo:${STACK_VERSION}-selfhosted
if [[ $? -ne 0 ]]; then
echo "Error: Failed to pull docker-compose image"
exit 1
fi
}
start_docker_compose() {
sudo -E docker-compose -f docker-compose.cc-full-run-linux.yml up -d
if [[ $? -ne 0 ]]; then
echo "Error: Failed to start docker-compose"
exit 1
else
echo " ######################################################################
###### Callaba Cloud has been upgraded to version $STACK_VERSION
######################################################################"
fi
}
main() {
write_stack_version
export_stack_version
pull_images
start_docker_compose
}
main
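Review bot: write_stack_version overwrites last_ver.txt before the value is known to be good: `$?` after `STACK_VERSION=$(curl ... | jq ...)` is jq's status only, so a failed curl or a response without `.stack_version` writes an empty string or `null` and destroys the rollback target. Add `set -o pipefail`, call `curl -fsS`, and guard the write with `[[ -n $STACK_VERSION && $STACK_VERSION != null ]] || exit 1`. The same `$?` pattern is in export_stack_version here and in get_stack_version in install.sh. pull_images likewise tests only the last of its four `docker pull` commands, so an update can continue with a mix of old and new images.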


@@ -0,0 +1,60 @@
version: "3.9"
services:
livekit:
container_name: callabacloud-webrtc
image: registry.callabacloud.com/callaba-selfhosted/cc-livekit:v1.7.3
restart: always
network_mode: "host"
volumes:
- ./livekit.yaml:/etc/livekit.yaml
- certs:/etc/ssl/callaba/
depends_on:
- redis
entrypoint: "/livekit-server --config /etc/livekit.yaml --node-ip 127.0.0.1"
redis:
container_name: callabacloud-redis
image: redis:6-alpine
command: redis-server /etc/redis.conf
restart: always
network_mode: "host"
volumes:
- ./redis.conf:/etc/redis.conf
ingress:
container_name: callabacloud-ingress
restart: always
image: registry.callabacloud.com/callaba-selfhosted/cc-ingress:v1.4.7
environment:
INGRESS_CONFIG_FILE: /etc/ingress.conf
network_mode: "host"
privileged: true
volumes:
- ./ingress.conf:/etc/ingress.conf
- ./ndi-config.v1.json:/root/.ndi/ndi-config.v1.json
- ./etc-ntpsec-ntp.conf:/etc/ntpsec/ntp.conf
- /var/run/dbus:/var/run/dbus
- /var/run/avahi-daemon/socket:/var/run/avahi-daemon/socket
- /var/run/docker.sock:/var/run/docker.sock
depends_on:
- redis
- livekit
egress:
container_name: callabacloud-egress
restart: always
image: livekit/egress:v1.8.6
environment:
EGRESS_CONFIG_FILE: /etc/egress.conf
network_mode: "host"
volumes:
- ./egress.conf:/etc/egress.conf
- ./egress-output:/out/
- /var/run/docker.sock:/var/run/docker.sock
- /var/run/avahi-daemon/socket:/var/run/avahi-daemon/socket
cap_add:
- SYS_ADMIN
depends_on:
- redis
- livekit
volumes:
certs:
name: callabacloud-certs
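Review bot: The ingress service bind-mounts `./ndi-config.v1.json` and `./etc-ntpsec-ntp.conf`, but this commit adds both files at the repository root, not under webrtc/. Compose resolves relative sources against the compose file's directory, so with `-f webrtc/docker-compose.cc-webrtc.yml` (as install.sh runs it) Docker would either create empty directories at those paths or fail to start the container, and the intended NDI and NTP configuration would not be applied. Use `../ndi-config.v1.json` and `../etc-ntpsec-ntp.conf`. `redis:6-alpine` is a floating tag from a public registry; pinning it by digest would make the deployment reproducible like the version-tagged images beside it.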

8
webrtc/egress.conf Normal file

@@ -0,0 +1,8 @@
log_level: debug
api_key: 34d83186-87ed-46af-8148-7743d8029632
api_secret: 108d5d46-390c-4fe8-ae9b-bccb6389d7da
ws_url: ws://127.0.0.1:7880
insecure: true
redis:
address: 127.0.0.1:6379
db: 0
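Review bot: `api_key` and `api_secret` are committed in clear text here and again in webrtc/ingress.conf, so every deployment cloned from this repository shares the same service credentials. Generate them per installation in install.sh and commit a template with placeholders instead of the live file. `log_level: debug` is also a questionable production default next to `error` in ingress.conf, and `insecure: true` deserves a comment saying what it disables and why that is acceptable on loopback.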

9
webrtc/ingress.conf Normal file

@@ -0,0 +1,9 @@
log_level: error
api_key: f77a55cc-15a1-434a-a4e0-c0776eeb7bfb
api_secret: 67e88cb2-56fa-4a8e-ab3a-743d7702d7dd
ws_url: http://127.0.0.1:7880
redis:
address: localhost:6379
username: ""
password: ""
db: 0

26
webrtc/livekit.yaml Normal file

@@ -0,0 +1,26 @@
port: 7880
rtc:
tcp_port: 7881
port_range_start: 50000
port_range_end: 60000
use_external_ip: true
redis:
address: localhost:6379
username: ""
password: ""
db: 0
turn:
enabled: true
domain: host.local
cert_file: /etc/ssl/callaba/livekit.crt
key_file: /etc/ssl/callaba/livekit.key
tls_port: 5349
keys:
hidden: hidden
logging:
level: error
room:
empty_timeout: 864000000
departure_timeout: 864000000
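Review bot: `keys:` holds a single `hidden: hidden` pair, which matches neither api_key/api_secret pair in egress.conf or ingress.conf; if the file is used as committed, those services presumably cannot authenticate to the server (the value may be substituted later, but nothing in install.sh does so). Add a comment above `keys:` saying where the real pairs come from, e.g. `# populated at install time; must list the api_key: api_secret pairs from egress.conf and ingress.conf`. `empty_timeout` and `departure_timeout` of 864000000 effectively mean rooms never close, so a comment confirming that is intended would help the next reader.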

6
webrtc/redis.conf Normal file

@@ -0,0 +1,6 @@
bind 127.0.0.1 ::1
protected-mode yes
port 6379
timeout 0
tcp-keepalive 300