AWARENESS because of changes that have left certain integrations broken, only the release/2023-03-01.x
tags appear to fully work with video media playback. Here's a github issue that talks about it: instructure#2327
Beware - getting the RCE (rich content editor) service running & integrated w/ the main Canvas services is ... fiddly.
The .env
file in the root should contain
COMPOSE_FILE=docker-compose.yml:docker-compose.override.yml:docker-compose/rce-api.override.yml
Make sure each of these files exists (see below).
The Linux system needs to have a group
with ID 9999
defined, e.g. docker-instructure:9999
- this allows the group the Docker containers run with internally to change the necessary files in the bind mounts.
Once this is defined, you should run the following from the workspace root.
chgrp -R docker-instructure .
There are a number of files to edit under the docker-compose/
directly, mostly in docker-compose/config
.
docker-compose/config/domain.yml
Change domain:
to whatever the client-facing FQDN is, add ssl: true
since it'll likely be behind HTTPS if it's CloudFront CDN.
docker-compose/config/dynamic_settings.yml
Change
development:
config:
canvas:
canvas:
encryption-secret: "astringthatisactually24byteslong"
signing-secret: "astringthatisactually24byteslong"
to values generated by openssl rand -base64 24
Change the app-host:
domain under rich-content-service:
to whatever the URL is that the RCE container is running under (should be a separate domain, don't think a subpath works?), e.g. https://rce-fqdn.example.com
docker-compose/config/outgoing_mail.yml
Configure the necessary outgoing SMTP auth ... this requires setting up an app password - there's probably better ways to do this?
address: smtp.gmail.com
port: 587
#domain:
outgoing_address: "[email protected]"
enable_starttls_auto: true
user_name: "[email protected]"
password: "app-password"
authentication: login
docker-compose/rce-api.override.yml
In the environment:
, set the following vars
- VIRTUAL_HOST: "the-FQDN-of-the-URL-configured-as-app-host-in-step-2"
- HTTP_PROTOCOL_OVERRIDE: "https"
- ECOSYSTEM_SECRET: "the-signing-secret-from-step-2"
- ECOSYSTEM_KEY: "the-encryption-secret-from-step-2"
docker-compose.override.yml
Optional / if-needed ... by default, the web
container will listen on port 80
, if this needs to be changed, copy config/docker-compose.override.yml.example
to ./docker-compose.override.yml
and add a ports:
mapping for the web:
container, e.g. - 8181:80
Once all the configs have been customized, permissions modified, etc. - you should be able to run script/docker_dev_setup.sh
to build all the containers and do any initial setup. This will bring up the development
configuration ... not sure it matters, entirely, but PSA - it's not the production
configuration ... I think that configuration expects a lot more distributed components, not everything running as a docker-compose setup.