push

2 years ago · 98c4381f38
parent 9cedc896bf
commit 98c4381f38
4 changed files with 234 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,94 @@
 # workadventure
 ## Description
 Ce projet a pour but de déployer la stack workadventure (https://github.com/thecodingmachine/workadventure) en auto-hébergement.
 ## Pré-requis
 Pour déployer cette stack, vous aurez besoin:
 - Une machine pour héberger le serveur (proc 3Ghz, 4Go ram minimum)
 - Un nom de domaine pour pointer vers votre serveur
 - L'accès à votre box internet pour la redirection des ports
 ## Configuration / Installation
 ### Nginx proxy manager
 ```bash
 cd nginx-proxy-manager/
 docker-compose up -d
 ```
 - L'interface est disponible à cette adresse:
 http://your-ip-or-domain:81
 - identifiants:
    - user: admin@example.com
    - mdp: changeme
 ### Workadventure
 - Renseigner le nom de domaine aux quatres endroits:
 ```bash
 cd workadventure/
 nano .env
 ```
 - Récupérer le endpoint de la stack:
 ```bash
 docker network list
 docker network inspect <your workadventure network name>
 ```
 ### Nginx-proxy-manager 2
 - Sur l'interface web du Nginx-proxy-manager créer une "Proxy Host entry"
 ... IMAGE ...
 - Renseigner votre nom de domaine dans l'URL
 - Renseigner le endpoint dans la config du Nginx proxy manager avec le port 9999
 - Cocher les cases Block Common Exploits et Websockets, puis sauvegarder
 ... IMAGE ...
 - Créer les certificats SSL:
 ... IMAGE 1 ...
 ... IMAGE 2 ...
 ... IMAGE 3 ...
 ### Deployer
 ```bash
 # NGINX PROXY MANAGER
 cd nginx-proxy-manager/
 docker-compose up -d
 # WORKADVENTURE
 cd workadventure/
 docker-compose up -d
 ```
 ### Map building
 tuto: https://workadventu.re/map-building/
 ## Roadmap
 - SSO login
 - Faire une map de fou!
 ## Contributing
 - Me
 - The others
 ## License
 ... OPEN SOURCE GPL3
--- a/nginx-proxy-manager/docker-compose.yml
+++ b/nginx-proxy-manager/docker-compose.yml
@ -0,0 +1,12 @@
 version: '3'
 services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    ports:
      - '80:80'
      - '81:81'
      - '443:443'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
--- a/workadventure/.env
+++ b/workadventure/.env
@ -0,0 +1,39 @@
 # The base domain
 DOMAIN=votre-nom-de-domaine.com
 DEBUG_MODE=false
 JITSI_URL=meet.jit.si
 # Domain redirections
 FRONT_URL=play.votre-nom-de-domaine.com
 PUSHER_HOST=pusher.votre-nom-de-domaine.com
 BACK_HOST=api.votre-nom-de-domaine.com
 # If your Jitsi environment has authentication set up, you MUST set JITSI_PRIVATE_MODE to>
 JITSI_PRIVATE_MODE=false
 JITSI_ISS=
 SECRET_JITSI_KEY=
 # URL of the TURN server (needed to "punch a hole" through some networks for P2P connecti>
 #TURN_SERVER=
 #TURN_USER=
 #TURN_PASSWORD=
 # The URL used by default, in the form: "/_/global/map/url.json"
 START_ROOM_URL=/_/global/GregLebreton.github.io/adventure-map/map.json
 # The email address used by Let's encrypt to send renewal warnings (compulsory)
 ACME_EMAIL=
 # Set to true to allow using this instance as a target for the apiUrl property
 FEDERATE_PUSHER=false
 # Server settings
 MAX_PER_GROUP=100
 MAX_USERNAME_LENGTH=25
 DISABLE_NOTIFICATIONS=false
 SKIP_RENDER_OPTIMIZATIONS=false
 # Secrets
 SECRET_KEY=
 ADMIN_API_TOKEN=
 ADMIN_API_URL=
--- a/workadventure/docker-compose.yml
+++ b/workadventure/docker-compose.yml
@ -0,0 +1,89 @@
 version: "3.3"
 services:
  reverse-proxy:
    image: traefik:v2.5
    command:
      - --log.level=WARN
      - --providers.docker
      - --entryPoints.web.address=:80
    ports:
      - "9999:80"
    depends_on:
      - pusher
      - front
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    restart: unless-stopped
  front:
    image: thecodingmachine/workadventure-front:master
    environment:
      DEBUG_MODE: "$DEBUG_MODE"
      JITSI_URL: $JITSI_URL
      JITSI_PRIVATE_MODE: "$JITSI_PRIVATE_MODE"
      PUSHER_URL: /pusher
      ADMIN_URL: /admin
      TURN_SERVER: "${TURN_SERVER}"
      TURN_USER: "${TURN_USER}"
      TURN_PASSWORD: "${TURN_PASSWORD}"
      MAX_PER_GROUP: "${MAX_PER_GROUP}"
      MAX_USERNAME_LENGTH: "${MAX_USERNAME_LENGTH}"
      START_ROOM_URL: "${START_ROOM_URL}"
      DISABLE_NOTIFICATIONS: "${DISABLE_NOTIFICATIONS}"
      SKIP_RENDER_OPTIMIZATIONS: "${SKIP_RENDER_OPTIMIZATIONS}"
    labels:
      - "traefik.http.routers.front.rule=PathPrefix(`/`)"
      - "traefik.http.routers.front.entryPoints=web"
      - "traefik.http.services.front.loadbalancer.server.port=80"
      - "traefik.http.routers.front.service=front"
    restart: unless-stopped
  pusher:
    image: thecodingmachine/workadventure-pusher:master
    environment:
      SECRET_JITSI_KEY: "${SECRET_JITSI_KEY}"
      SECRET_KEY: ${SECRET_KEY}
      API_URL: back:50051
      ADMIN_API_URL: "${ADMIN_API_URL}"
      ADMIN_API_TOKEN: "${ADMIN_API_TOKEN}"
      JITSI_URL: ${JITSI_URL}
      JITSI_ISS: ${JITSI_ISS}
      FRONT_URL : ${FRONT_URL}
    labels:
      - "traefik.http.middlewares.strip-pusher-prefix.stripprefix.prefixes=/pusher"
      - "traefik.http.routers.pusher.rule=PathPrefix(`/pusher`)"
      - "traefik.http.routers.pusher.middlewares=strip-pusher-prefix@docker"
      - "traefik.http.routers.pusher.entryPoints=web"
      - "traefik.http.services.pusher.loadbalancer.server.port=8080"
      - "traefik.http.routers.pusher.service=pusher"
    restart: unless-stopped
  back:
    image: thecodingmachine/workadventure-back:master
    environment:
      SECRET_KEY: ${SECRET_KEY}
      STARTUP_COMMAND_1: yarn install
      SECRET_JITSI_KEY: "${SECRET_JITSI_KEY}"
      ADMIN_API_TOKEN: "${ADMIN_API_TOKEN}"
      ADMIN_API_URL: "${ADMIN_API_URL}"
      JITSI_URL: ${JITSI_URL}
      JITSI_ISS: ${JITSI_ISS}
      MAX_PER_GROUP: ${MAX_PER_GROUP}
      TURN_STATIC_AUTH_SECRET: "${TURN_STATIC_AUTH_SECRET}"
      REDIS_HOST: redis
    labels:
      - "traefik.http.middlewares.strip-api-prefix.stripprefix.prefixes=/api"
      - "traefik.http.routers.back.rule=PathPrefix(`/api`)"
      - "traefik.http.routers.back.middlewares=strip-api-prefix@docker"
      - "traefik.http.routers.back.entryPoints=web"
      - "traefik.http.services.back.loadbalancer.server.port=8080"
      - "traefik.http.routers.back.service=back"
    restart: unless-stopped
  redis:
    image: redis:6
    restart: unless-stopped