From 98c4381f381cc3a7d237f72225319b0d373a4eba Mon Sep 17 00:00:00 2001
From: GregLebreton <greg.lebreton@hotmail.com>
Date: Sat, 16 Jul 2022 21:06:36 +0200
Subject: [PATCH] push

---
 README.md                              | 94 ++++++++++++++++++++++++++
 nginx-proxy-manager/docker-compose.yml | 12 ++++
 workadventure/.env                     | 39 +++++++++++
 workadventure/docker-compose.yml       | 89 ++++++++++++++++++++++++
 4 files changed, 234 insertions(+)
 create mode 100644 README.md
 create mode 100644 nginx-proxy-manager/docker-compose.yml
 create mode 100644 workadventure/.env
 create mode 100644 workadventure/docker-compose.yml

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..2d1ead1
--- /dev/null
+++ b/README.md
@@ -0,0 +1,94 @@
+# workadventure
+
+## Description
+
+Ce projet a pour but de déployer la stack workadventure (https://github.com/thecodingmachine/workadventure) en auto-hébergement.
+
+## Pré-requis
+
+Pour déployer cette stack, vous aurez besoin:
+- Une machine pour héberger le serveur (proc 3Ghz, 4Go ram minimum)
+- Un nom de domaine pour pointer vers votre serveur
+- L'accès à votre box internet pour la redirection des ports
+
+## Configuration / Installation
+
+### Nginx proxy manager
+
+```bash
+cd nginx-proxy-manager/
+docker-compose up -d
+```
+
+- L'interface est disponible à cette adresse:
+http://your-ip-or-domain:81
+
+- identifiants:
+    - user: admin@example.com
+    - mdp: changeme
+
+### Workadventure
+
+- Renseigner le nom de domaine aux quatres endroits:
+```bash
+cd workadventure/
+nano .env
+```
+
+- Récupérer le endpoint de la stack:
+```bash
+docker network list
+docker network inspect <your workadventure network name>
+```
+
+### Nginx-proxy-manager 2
+
+- Sur l'interface web du Nginx-proxy-manager créer une "Proxy Host entry"
+
+... IMAGE ...
+
+- Renseigner votre nom de domaine dans l'URL
+
+- Renseigner le endpoint dans la config du Nginx proxy manager avec le port 9999
+
+- Cocher les cases Block Common Exploits et Websockets, puis sauvegarder
+
+... IMAGE ...
+
+- Créer les certificats SSL:
+
+... IMAGE 1 ...
+
+... IMAGE 2 ...
+
+... IMAGE 3 ...
+
+### Deployer
+
+```bash
+# NGINX PROXY MANAGER
+cd nginx-proxy-manager/
+docker-compose up -d
+
+# WORKADVENTURE
+cd workadventure/
+docker-compose up -d
+```
+
+### Map building
+
+tuto: https://workadventu.re/map-building/
+
+## Roadmap
+
+- SSO login
+- Faire une map de fou!
+
+## Contributing
+
+- Me
+- The others
+
+## License
+
+... OPEN SOURCE GPL3
diff --git a/nginx-proxy-manager/docker-compose.yml b/nginx-proxy-manager/docker-compose.yml
new file mode 100644
index 0000000..4710253
--- /dev/null
+++ b/nginx-proxy-manager/docker-compose.yml
@@ -0,0 +1,12 @@
+version: '3'
+services:
+  app:
+    image: 'jc21/nginx-proxy-manager:latest'
+    restart: unless-stopped
+    ports:
+      - '80:80'
+      - '81:81'
+      - '443:443'
+    volumes:
+      - ./data:/data
+      - ./letsencrypt:/etc/letsencrypt
\ No newline at end of file
diff --git a/workadventure/.env b/workadventure/.env
new file mode 100644
index 0000000..f68e8b8
--- /dev/null
+++ b/workadventure/.env
@@ -0,0 +1,39 @@
+# The base domain
+DOMAIN=votre-nom-de-domaine.com
+DEBUG_MODE=false
+JITSI_URL=meet.jit.si
+
+# Domain redirections
+FRONT_URL=play.votre-nom-de-domaine.com
+PUSHER_HOST=pusher.votre-nom-de-domaine.com
+BACK_HOST=api.votre-nom-de-domaine.com
+
+# If your Jitsi environment has authentication set up, you MUST set JITSI_PRIVATE_MODE to>
+JITSI_PRIVATE_MODE=false
+JITSI_ISS=
+SECRET_JITSI_KEY=
+
+# URL of the TURN server (needed to "punch a hole" through some networks for P2P connecti>
+#TURN_SERVER=
+#TURN_USER=
+#TURN_PASSWORD=
+
+# The URL used by default, in the form: "/_/global/map/url.json"
+START_ROOM_URL=/_/global/GregLebreton.github.io/adventure-map/map.json
+
+# The email address used by Let's encrypt to send renewal warnings (compulsory)
+ACME_EMAIL=
+
+# Set to true to allow using this instance as a target for the apiUrl property
+FEDERATE_PUSHER=false
+
+# Server settings
+MAX_PER_GROUP=100
+MAX_USERNAME_LENGTH=25
+DISABLE_NOTIFICATIONS=false
+SKIP_RENDER_OPTIMIZATIONS=false
+
+# Secrets
+SECRET_KEY=
+ADMIN_API_TOKEN=
+ADMIN_API_URL=
\ No newline at end of file
diff --git a/workadventure/docker-compose.yml b/workadventure/docker-compose.yml
new file mode 100644
index 0000000..b62bbb9
--- /dev/null
+++ b/workadventure/docker-compose.yml
@@ -0,0 +1,89 @@
+version: "3.3"
+
+services:
+
+  reverse-proxy:
+    image: traefik:v2.5
+    command:
+      - --log.level=WARN
+      - --providers.docker
+      - --entryPoints.web.address=:80
+    ports:
+      - "9999:80"
+    depends_on:
+      - pusher
+      - front
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+    restart: unless-stopped
+
+  front:
+    image: thecodingmachine/workadventure-front:master
+    environment:
+      DEBUG_MODE: "$DEBUG_MODE"
+      JITSI_URL: $JITSI_URL
+      JITSI_PRIVATE_MODE: "$JITSI_PRIVATE_MODE"
+      PUSHER_URL: /pusher
+      ADMIN_URL: /admin
+      TURN_SERVER: "${TURN_SERVER}"
+      TURN_USER: "${TURN_USER}"
+      TURN_PASSWORD: "${TURN_PASSWORD}"
+      MAX_PER_GROUP: "${MAX_PER_GROUP}"
+      MAX_USERNAME_LENGTH: "${MAX_USERNAME_LENGTH}"
+      START_ROOM_URL: "${START_ROOM_URL}"
+      DISABLE_NOTIFICATIONS: "${DISABLE_NOTIFICATIONS}"
+      SKIP_RENDER_OPTIMIZATIONS: "${SKIP_RENDER_OPTIMIZATIONS}"
+    labels:
+      - "traefik.http.routers.front.rule=PathPrefix(`/`)"
+      - "traefik.http.routers.front.entryPoints=web"
+      - "traefik.http.services.front.loadbalancer.server.port=80"
+      - "traefik.http.routers.front.service=front"
+    restart: unless-stopped
+
+  pusher:
+    image: thecodingmachine/workadventure-pusher:master
+    environment:
+      SECRET_JITSI_KEY: "${SECRET_JITSI_KEY}"
+      SECRET_KEY: ${SECRET_KEY}
+      API_URL: back:50051
+      ADMIN_API_URL: "${ADMIN_API_URL}"
+      ADMIN_API_TOKEN: "${ADMIN_API_TOKEN}"
+      JITSI_URL: ${JITSI_URL}
+      JITSI_ISS: ${JITSI_ISS}
+      FRONT_URL : ${FRONT_URL}
+    labels:
+      - "traefik.http.middlewares.strip-pusher-prefix.stripprefix.prefixes=/pusher"
+      - "traefik.http.routers.pusher.rule=PathPrefix(`/pusher`)"
+      - "traefik.http.routers.pusher.middlewares=strip-pusher-prefix@docker"
+      - "traefik.http.routers.pusher.entryPoints=web"
+      - "traefik.http.services.pusher.loadbalancer.server.port=8080"
+      - "traefik.http.routers.pusher.service=pusher"
+    restart: unless-stopped
+
+
+  back:
+    image: thecodingmachine/workadventure-back:master
+    environment:
+      SECRET_KEY: ${SECRET_KEY}
+      STARTUP_COMMAND_1: yarn install
+      SECRET_JITSI_KEY: "${SECRET_JITSI_KEY}"
+      ADMIN_API_TOKEN: "${ADMIN_API_TOKEN}"
+      ADMIN_API_URL: "${ADMIN_API_URL}"
+      JITSI_URL: ${JITSI_URL}
+      JITSI_ISS: ${JITSI_ISS}
+      MAX_PER_GROUP: ${MAX_PER_GROUP}
+      TURN_STATIC_AUTH_SECRET: "${TURN_STATIC_AUTH_SECRET}"
+      REDIS_HOST: redis
+    labels:
+      - "traefik.http.middlewares.strip-api-prefix.stripprefix.prefixes=/api"
+      - "traefik.http.routers.back.rule=PathPrefix(`/api`)"
+      - "traefik.http.routers.back.middlewares=strip-api-prefix@docker"
+      - "traefik.http.routers.back.entryPoints=web"
+      - "traefik.http.services.back.loadbalancer.server.port=8080"
+      - "traefik.http.routers.back.service=back"
+    restart: unless-stopped
+
+  redis:
+    image: redis:6
+    restart: unless-stopped
+