Skip to content
This repository has been archived by the owner on Dec 14, 2021. It is now read-only.

IPv6 support #32

Merged
merged 9 commits into from
Jul 21, 2020
Merged

IPv6 support #32

merged 9 commits into from
Jul 21, 2020

Conversation

alangecker
Copy link
Owner

@alangecker alangecker commented Jul 12, 2020

closes #24

quite handy for testing this branch with firefox

  • media.peerconnection.ice.relay_only: force use of TURN server
  • network.dns.disableIPv6 disable IPv6 DNS

@alangecker alangecker added the enhancement New feature or request label Jul 12, 2020
@alangecker alangecker changed the base branch from v2.2.x to develop July 13, 2020 15:56
@alangecker alangecker mentioned this pull request Jul 18, 2020
4 tasks
@alangecker alangecker changed the title WIP: IPv6 support IPv6 support Jul 21, 2020
@alangecker
Copy link
Owner Author

eveything seems fine now :)

@alangecker alangecker merged commit dee9aa5 into develop Jul 21, 2020
@alangecker alangecker deleted the ipv6 branch July 30, 2020 08:48
@alangecker alangecker mentioned this pull request Jul 30, 2020
@cjhille
Copy link

cjhille commented Aug 10, 2020

network_mode: host for the nginx proxy seems to break my setup with jwilder/nginx-proxy. For jwilder's docker proxy it is intended to use separate docker networks for each deployment and only expose the target upstream service to the proxy network like this.
docker-compose.yml

[...]
nginx:  
      image: nginx:1.19-alpine
      networks:
            nginx-proxy:
[...]
networks:
      bbb-net:
      [...]
      nginx-proxy: # proxy network for jwilder main proxy
            external: true

This can't be combined with host networking.

@cjhille
Copy link

cjhille commented Aug 10, 2020

When disabling network_mode:host (and host port mapping) and exposing the new proxy port 8080 (used to be 80) to the jwilder proxy via:

  nginx:
    image: nginx:1.19-alpine
    #network_mode: host
    networks:
      nginx-proxy:
    #ports:
    #  - "8080:80"
    expose:
      - "8080"
    environment:
      - VIRTUAL_HOST=${DOMAIN}
      - VIRTUAL_PORT=8080

, I can now login to greenlight but the BBB endpoints seem to be invalid. It's now stating that: "Serverfehler - BigBlueButton Endpunkt und Geheimnis ungültig."
All of this used to work before this merge :(

@alangecker
Copy link
Owner Author

alangecker commented Aug 10, 2020

All of this used to work before this merge :(

sorry to hear, that it broke your setup :/
it is quite difficult to make any changes with all possible custom setups in mind...

can you access the BBB API via the nginx proxy directly?
$ curl http://10.7.7.1:8080/bigbluebutton/api

and via the https proxy?
$ curl https://yourdomain/bigbluebutton/api

could you maybe share your whole docker-compose file? (https://gist.github.com/)

unfortunately I have no idea about jwilder's docker proxy...

@cjhille
Copy link

cjhille commented Aug 12, 2020

Thank you for taking an interest in this, it is much appreciated 🙏

When I did docker inspect for the bbb proxy I realized, that I had forgotten to also (re)add the container to bbb-net (since this was replaced by host_networking). Now the system is back up and running.

However, I feel like there has to be a better way than to run the containers on host networking. For my setup host networking in not possible, since more HTTP services (i.e. rocket_chat, WP, jitsi) run on the same machine and traffic has to go to a reverse proxy first (jwilders-proxy or traeffik) to handle TLS and determine the upstream service. IMHO it's unfortunate for BBBs nginx to be blocking the hosts port (80). Is there a particular reason for this? I belive ipv6 http traffic should work without this as well.

Running BBB alongside other services on one host is one of the major advantages of this dockerized version. Although not recommend, it works flawlessly for me :)

For completeness (and users with similar issues) my bbb.yml and proxy.yml:
https://gist.github.com/cjhille/3c01f711640d8c30bc5c0ad729f80f5b

The proxy.yml is pretty much vanilla and the bbb.yml is the same as @alangecker except for the nginx service, where I

  • removed the host port mapping
  • exposed the internal port 8080 so the proxy can route to it
  • removed host_networking and added two networks (one for BBB and one for proxy)
  • added env vars for jwilders TLS docker proxy (virtual host and port)
  nginx:
    image: nginx:1.19-alpine
    restart: unless-stopped
    depends_on:
      [...]
    #ports:
    #  - "8080:80"
    expose:
      - "8080"
    environment:
      - VIRTUAL_HOST=${DOMAIN}
      - VIRTUAL_PORT=8080
      - LETSENCRYPT_HOST=${DOMAIN}
      - LETSENCRYPT_EMAIL=letsencrypt-bbb.vegan-in-leipzig.de@byteanvil.com
    volumes:
      [...]
    #network_mode: host
    networks:
      nginx-proxy:
      bbb-net:
    extra_hosts:
      [...]

EDIT: another question .. what is the reason for host mapping 8080 to container port 80? Nginx is only listening on container port 8080 AFAICT

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
enhancement New feature or request
Projects
None yet
Development

Successfully merging this pull request may close these issues.

IPv6 support
2 participants