From 6c4f4202f01e9113c5dc9db3024cbdf19152b5d3 Mon Sep 17 00:00:00 2001 From: Sebastian Friston Date: Tue, 20 Feb 2024 18:20:55 +0000 Subject: [PATCH] Added Dockerfile for quick server deployment --- Containers/Docker/Dockerfile | 52 +++++++++++++++++++++++++++++++ Containers/Docker/local.json | 28 +++++++++++++++++ Containers/Docker/turnserver.conf | 10 ++++++ Containers/Docker/ubiq.sh | 42 +++++++++++++++++++++++++ 4 files changed, 132 insertions(+) create mode 100644 Containers/Docker/Dockerfile create mode 100644 Containers/Docker/local.json create mode 100644 Containers/Docker/turnserver.conf create mode 100644 Containers/Docker/ubiq.sh diff --git a/Containers/Docker/Dockerfile b/Containers/Docker/Dockerfile new file mode 100644 index 000000000..3f0e2a9e8 --- /dev/null +++ b/Containers/Docker/Dockerfile @@ -0,0 +1,52 @@ +FROM ubuntu:22.04 + +# This snippet installs: +# curl, which is required to install Node Version Manager, ensuring we can get the correct version of Node. +# git, in order to clone Ubiq +# pwgen, which is required to generate secrets local to this container +# dos2unix, a utility used to make sure we don't have any windows line endings in place, which will mess with bash. +# coturn, a TURN server + +RUN apt-get -y update +RUN apt-get -y install curl git pwgen dos2unix coturn + +# This snippet (from Steve Campbell @ https://stackoverflow.com/questions/25899912/how-to-install-nvm-in-docker) installs NVM and the specified version of Node. + +ENV NVM_DIR /root/.nvm +RUN mkdir -p $NVM_DIR +RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.7/install.sh | bash +ENV NODE_VERSION v18.12.1 +RUN /bin/bash -c "source $NVM_DIR/nvm.sh && nvm install $NODE_VERSION && nvm use --delete-prefix $NODE_VERSION" + +ENV NODE_PATH $NVM_DIR/versions/node/$NODE_VERSION/lib/node_modules +ENV PATH $NVM_DIR/versions/node/$NODE_VERSION/bin:$PATH + +# The next two lines checkout the server code only. The sparse checkout clones only the metadata, to avoid copying the full history. sparse-checkout add then prompts git to download just the Node folder. + +RUN git clone --filter=blob:none --sparse --branch "unity-v1.0.0-pre.3" https://github.com/UCL-VR/ubiq.git ubiq +WORKDIR ubiq +RUN git sparse-checkout add Node +WORKDIR Node +RUN npm i +WORKDIR / + +# This line copies the local config template into the container. This template will be updated at runtime before the servers are started. + +COPY local.json /ubiq/Node/config/local.json + +# This line copies the local coturn config over the existing one. This template will be updated at runtime before the servers are started. + +COPY turnserver.conf /etc/turnserver.conf + +# This line copies the script that will configure and start the server at runtime. dos2unix ensures that it conforms to unix line endings. + +COPY ubiq.sh / +RUN dos2unix /ubiq.sh + +# This line sets the above script as the entrypoint. When this script terminates, so will the image. + +ENTRYPOINT ["bash", "-c", "source /ubiq.sh"] + +# Finally open the relevant ports + +EXPOSE 8009-8030 \ No newline at end of file diff --git a/Containers/Docker/local.json b/Containers/Docker/local.json new file mode 100644 index 000000000..62b53de37 --- /dev/null +++ b/Containers/Docker/local.json @@ -0,0 +1,28 @@ +{ + "iceservers": + [ + { + "uri" : "stun:stun.l.google.com:19302" + }, + { + "uri" : "turn:UBIQ_HOSTNAME:8011", + "secret" : "UBIQ_TURNSECRET", + "timeoutSeconds" : 1440 + } + ], + "roomserver": + { + "wss": + { + "cert":"/certs/cert.pem", + "key":"/certs/key.pem" + } + }, + "status": + { + "port":8012, + "cert":"/certs/cert.pem", + "key":"/certs/key.pem", + "apikeys":[] + } +} diff --git a/Containers/Docker/turnserver.conf b/Containers/Docker/turnserver.conf new file mode 100644 index 000000000..8890094e8 --- /dev/null +++ b/Containers/Docker/turnserver.conf @@ -0,0 +1,10 @@ +fingerprint +use-auth-secret +listening-port=8011 +static-auth-secret=UBIQ_TURNSECRET +realm=UBIQ_HOSTNAME +external-ip=UBIQ_HOSTNAME +min-port=8013 +max-port=8030 +cert=/certs/cert.pem +pkey=/certs/key.pem \ No newline at end of file diff --git a/Containers/Docker/ubiq.sh b/Containers/Docker/ubiq.sh new file mode 100644 index 000000000..f84dd817c --- /dev/null +++ b/Containers/Docker/ubiq.sh @@ -0,0 +1,42 @@ +#!/bin/bash + +echo "Starting Ubiq Server Container" + +export UBIQ_TURNSECRET=$(pwgen 20 1) + +# This snippet generates the self-signed certificate that will be used if one is not provided via the mount option +# The -node option ensures the key does not require a keyphrase +# This must be executed after the hostname is known +# If testing this command on windows, consider prepending it with winpty as sometimes any interactive prompt(s) can get messed up. + +if [ -d /certs ]; then + echo "Using host certificates." +else + echo "Generating certificates for $HOSTNAME" + mkdir /certs + cd /certs + openssl req -new -nodes -x509 -subj "/CN=$HOSTNAME/emailAddress=ubiq@$HOSTNAME/C=UK/ST=London/L=Gower Street/O=UCL/OU=Computer Science" -keyout key.pem -out cert.pem > /dev/null 2>&1 +fi + + +# This next section configures the deployment. Configurations are provided in files, so these lines replace placeholders with environment variables before starting the services. + +sed -i -e "s/UBIQ_TURNSECRET/$UBIQ_TURNSECRET/g" /ubiq/Node/config/local.json +sed -i -e "s/UBIQ_TURNSECRET/$UBIQ_TURNSECRET/g" /etc/turnserver.conf + +sed -i -e "s/UBIQ_HOSTNAME/$HOSTNAME/g" /ubiq/Node/config/local.json +sed -i -e "s/UBIQ_HOSTNAME/$HOSTNAME/g" /etc/turnserver.conf + +# Start coturn (in the background) + +coturn & +sleep 1 + +cd /ubiq/Node + +npm start + +# This last line is used for creating an interactive prompt. Uncomment it for diagnostics and debugging. + +# /bin/bash "$@" +