signalapp/Signal-Calling-Service
signalapp/Signal-Calling-Service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
v67
Signal-Calling-Service/docker-compose.yml
Richard Russo fad35c24d0
Persistance of approved users 
Adds a new field to CallLinkState for previously approved users.
Updates the frontend to pass this field to the backend on call creation.
Updates the backend to report newly approved users to the frontend, to update the database.
Calls will not be cleaned up until this reporting succeeds (or fails after multiple tries).

Adds some new testing features:
- The backend can be started with `--persist-approval-for-all-users-who-join`.
  Normally approval is only recorded when an admin explicitly approves a pending user.
- On the frontend, DELETE /v1/call-link/approvals will reset the approval list for a room.
  This is only available in debug builds, or with the `testing` feature enabled.

Co-authored-by: Jordan Rose <jrose@signal.org>
2023-08-16 15:45:56 -07:00

182 lines
5.3 KiB
YAML
Raw Permalink Blame History

#
# Copyright 2019-2022 Signal Messenger, LLC
# SPDX-License-Identifier: AGPL-3.0-only
#
# This Docker Compose file is used for running and testing a local deployment of the Calling Service.
#
# Prerequisites
# If you plan to actually connect and carry out a group call, you need to do the following in this file:
# - Set the CALLING_AUTH_KEY to a valid key unless you have removed its use from the code.
# - Set the calling-backend IPs to that of your local host
#
# To use:
# $ docker compose build
# $ docker compose up
#
# Now you can access the Calling Service.
#
# Option 1:
# 1) Point a tool like Postman to http://<host ip>:8090/v2/conference/participants
# 2) Be sure to set the Basic Auth Password to a valid signature token
# - You can also modify the code to ignore the auth check
# 3) Repeat for the other APIs
#
# Option 2:
# 1) Go to this URL to find the ngrok http address that points to your frontend: http://localhost:4551
# 2) Modify Desktop code to ignore TLS certificate errors. Add this line in calling.ts, CallingClass.initialize:
# process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
#
# Or, if you are running from source, you can do this:
# $ NODE_TLS_REJECT_UNAUTHORIZED=0 yarn start
#
# 3) Build the Desktop with `yarn generate` (assuming you already did the `yarn install` parts before.
# 4) Run the Desktop client.
# 5) In the client's Developer Tools console, enter this:
# window.Signal.Services.calling.sfuUrl = "<ngrok http address>";
# Then press Enter.
# 6) Now when your client connects to a group call, it should be using this environment!
#
# Option 3:
# TBD: Use the gctc (Group Call Test Client)
#
version: '3.8'
services:
dynamodb:
image: "amazon/dynamodb-local:latest"
container_name: dynamodb
ulimits:
nproc: 65535
nofile:
soft: 65535
hard: 65535
ports:
- "8000:8000"
working_dir: /home/dynamodblocal
command:
# Use -inMemory for performance and because the data is temporary.
-jar DynamoDBLocal.jar -inMemory
# Sets up the table for the Calling Frontend. This sets up a table here:
# region: us-west-1
# table name: Conferences
bootstrap:
depends_on:
- dynamodb
build: ./docker/bootstrap
container_name: bootstrap
environment:
AWS_ACCESS_KEY_ID: 'DUMMY_KEY'
AWS_SECRET_ACCESS_KEY: 'DUMMY_PASSWORD'
calling-frontend:
depends_on:
- dynamodb
- bootstrap
- calling-backend
build:
args:
rust_flags: -Ctarget-cpu=native
dockerfile: frontend/Dockerfile
context: .
container_name: calling-frontend
ulimits:
nproc: 65535
nofile:
soft: 65535
hard: 65535
deploy:
resources:
limits:
cpus: '2.0'
memory: 5G
ports:
# Note: The frontend can be accessed via port 8090 externally.
- "8090:8080"
- "8100:8100"
entrypoint: calling_frontend
command:
- --region
- "us-west1"
- --authentication-key
# Set the auth key to the one you want, but do not commit with it!
- "deaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddeaddead"
- --zkparams
- "AMJqvmQRYwEGlm0MSy6QFPIAvgOVsqRASNX1meQyCOYHJFqxO8lITPkow5kmhPrsNbu9JhVfKFwesVSKhdZaqQko3IZlJZMqP7DDw0DgTWpdnYzSt0XBWT50DM1cw1nCUXXBZUiijdaFs+JRlTKdh54M7sf43pFxyMHlS3URH50LOeR8jVQKaUHi1bDP2GR9ZXp3Ot9Fsp0pM4D/vjL5PwoOUuzNNdpIqUSFhKVrtazwuHNn9ecHMsFsN0QPzByiDA8nhKcGpdzyWUvGjEDBvpKkBtqjo8QuXWjyS3jSl2oJ/Z4Fh3o2N1YfD2aWV/K88o+TN2/j2/k+KbaIZgmiWwppLU+SYGwthxdDfZgnbaaGT/vMYX9P5JlUWSuP3xIxDzPzxBEFho67BP0Pvux+0a5nEOEVEpfRSs61MMvwNXEKZtzkO0QFbOrFYrPntyb7ToqNi66OQNyTfl/J7kqFZg2MTm3CKjHTAIvVMFAGCIamsrT9sWXOtuNeMS94xazxDA=="
- --version
- "1"
- --max-clients-per-call
- "50"
- --cleanup-interval-ms
- "10000"
- --regional-url-template
- "http://calling-frontend:8080"
- --calling-server-url
- "http://calling-backend:8080"
- --storage-table
- "Rooms"
- --storage-endpoint
- "http://dynamodb:8000"
- --storage-region
- "us-west-1"
- --internal-api-port
- "8100"
calling-backend:
build:
args:
rust_flags: -Ctarget-cpu=native
dockerfile: backend/Dockerfile
context: .
container_name: calling-backend
ulimits:
nproc: 65535
nofile:
soft: 65535
hard: 65535
deploy:
resources:
limits:
cpus: '4.0'
memory: 5G
ports:
- "8080:8080"
- "9900:9900"
- "10000:10000/udp"
entrypoint: calling_backend
command:
# Set these IPs to your host's IP if you need to access it externally.
- --ice-candidate-ip
- "127.0.0.1"
- --signaling-ip
- "127.0.0.1"
- --ice-candidate-port-tcp
- "9900"
- --inactivity-timeout-secs
- "60"
- --diagnostics-interval-secs
- "10"
- --approved-users-persistence-url
- "http://calling-frontend:8100/v1/call-link-approvals"
# Go here on the host to find out the ngrok tunnel URL: http://localhost:4551
ngrok-frontend:
depends_on:
- calling-frontend
image: shkoliar/ngrok:latest
ports:
- 4551:4551
links:
- calling-frontend
environment:
- DOMAIN=calling-frontend
- PORT=8080
networks:
default:
name: test-network
Reference in New Issue View Git Blame Copy Permalink