Greenlight · step-by-step
How to Install Greenlight v3 with BigBlueButton
A production-minded Greenlight v3 walkthrough for a single-node BigBlueButton deployment, including the decisions the one-line installer cannot make for you.
Executive brief
What matters
- 01
Confirm the Greenlight and connector versions before changing production.
- 02
Validate teacher, learner and recording workflows—not merely the API handshake.
- 03
Treat the API or LTI secret as a server-side production credential.
01
Choose the supported integration path
The supported colocated path uses the official bbb-install script with the -g option. It is convenient for one BigBlueButton node; choose the isolated architecture below when the frontend needs its own lifecycle or will sit in front of Scalelite.
- Clean supported Ubuntu host and production-ready BigBlueButton prerequisites.
- Public DNS name, ports 80/443 and a trusted certificate path.
- SMTP details and an account-registration policy decided before launch.
02
Prepare BigBlueButton and credentials
Use a production BigBlueButton endpoint with a trusted TLS certificate. Keep the API shared secret or LTI secret on the server side: it is equivalent to an application credential and must never be placed in browser code, a public repository or a screenshot.
- 1
Confirm the BigBlueButton server is healthy and that its public hostname resolves correctly.
- 2
Retrieve the API URL and shared secret with sudo bbb-conf --secret, or create a dedicated LTI key and secret where the integration uses LTI.
- 3
Record the platform version, connector version, owner and rollback point before making the change.
sudo bbb-conf --check
# Use the current command from the official bbb-install release and include:
# -g
03
Configure Greenlight
Make the first connection in a staging course, workspace or tenant. Use a dedicated test teacher and test learner so role mapping can be observed rather than inferred from an administrator account.
- 1
Run the current bbb-install command from the official release branch and include -g.
- 2
Open the Greenlight URL, then create an administrator with the documented rake task.
- 3
Set SMTP and registration behaviour in the generated environment configuration; restart the containers.
- 4
Create one room and restrict registration before publishing the hostname.
04
Run an end-to-end acceptance test
A green “connection successful” message proves only that one API request worked. The useful test follows the complete classroom lifecycle from creation through recording publication.
- 1
Create a room as an administrator and join in a private browser as a guest.
- 2
Test microphone, camera, screen share, presentation upload and clean meeting end.
- 3
Record a short session and wait for it to publish in the room.
- 4
Send an invitation or password-reset email through the configured SMTP relay.
05
Common problems and practical fixes
Start with timestamps, browser developer tools and the logs on both sides. Repeatedly replacing secrets rarely fixes a hostname, TLS, role or callback problem and makes the evidence harder to follow.
- A 502 response usually means the Greenlight container or reverse-proxy target is unavailable.
- If login email never arrives, inspect SMTP authentication, sender policy and container logs.
- If rooms open but joins fail, compare the configured BBB endpoint with sudo bbb-conf --secret.
06
Production hardening and upgrades
Restrict who can create rooms, define recording retention, test accessibility and document the integration owner. Pin or approve connector updates, subscribe to upstream releases and repeat the acceptance test after changes to the LMS, connector, BigBlueButton or reverse proxy.
- Do not expose the BigBlueButton shared secret to course authors or client-side JavaScript.
- Use least-privilege teacher roles and test guest, suspended and unenrolled users.
- Monitor API errors, failed joins, recording processing and disk growth.
- Keep a short rollback runbook: previous package, configuration backup and maintenance window.
Evidence base
Sources and further reading
We prefer project documentation and first-party product guidance. Community links are included where they reveal recurring operational questions rather than establish product guarantees.
Practical answers
Questions teams ask
Can Greenlight and BigBlueButton run on the same server?+
They should normally be separated. BigBlueButton expects a clean, dedicated media host; co-location creates port, resource and upgrade conflicts.
Should I point the integration at Scalelite?+
Yes when you operate a Scalelite pool. Use the load balancer API URL and secret so new meetings can be assigned across healthy BigBlueButton nodes.
Why do recordings not appear immediately?+
BigBlueButton publishes recordings asynchronously after a meeting ends. Long meetings and busy processing queues take longer; check recording status before changing the connector.
Continue the research
Related guides and infrastructure
Greenlight administration for production
Operate Greenlight safely: identity, roles, rooms, SMTP, database backups, upgrades, recording visibility and support boundaries.
Read next → InfrastructureAn isolated server for Greenlight, PostgreSQL and Redis
Deploy Greenlight on its own server for a cleaner BigBlueButton architecture, independent database lifecycle and easier cluster growth.
Read next → Identity & accessSSO with Microsoft Entra ID, Google Workspace and LDAP
Connect Greenlight to Microsoft Entra ID, Google Workspace or LDAP using OpenID Connect and an identity broker.
Read next →