Nextcloud: refactor Talk → HPB, switch to bridge mode, and template cleanups

- Change Talk (HPB) network_mode from host → bridge and drop TURN relay range mapping
- Remove obsolete nginx restart handler; rely on 'docker compose up' notify
- Fix spreed task condition to use HPB standalone flag
- docker-compose.yml.j2: parameterize service names, use NEXTCLOUD_*_SERVICE vars, align host-gateway condition with HPB, tidy ports/expose/network blocks
- env.j2/nginx configs: rename TALK_* → HPB_* variables and locations; use templated NEXTCLOUD_SERVICE for php upstream
- vars: introduce entity_name; centralize *SERVICE keys; rename all Talk vars to HPB; adjust whiteboard keys; compute URLs/JSON configs accordingly
- spreed plugin vars: point to HPB signaling/STUN/TURN and internal secret

Ref: https://chatgpt.com/share/68db9f41-16ec-800f-9cdf-7530862f89aa

roles/web-app-nextcloud/config/main.yml

@@ -74,9 +74,9 @@ docker:
       backup:
         no_stop_required:   false
       turn_server:
-        onboard_enabled:    true # Deactivated because standalone turnserver works with  Big Blue Button, so I assume that the nextcloud internal turnserver has it's isssues
+        onboard_enabled:    true
         standalone_enabled: false
-      network_mode:         host
+      network_mode:         bridge
       cpus:                 "1.0"
       mem_reservation:      "256m"
       mem_limit:            "1g"

roles/web-app-nextcloud/handlers/main.yml

@@ -1,6 +0,0 @@
----
-- name: restart nextcloud nginx service
-  command:
-    cmd: "docker exec {{ NEXTCLOUD_PROXY_CONTAINER }} nginx -s reload"
-  listen: restart nextcloud nginx service
-  ignore_errors: true # Ignoring if container is restarting

roles/web-app-nextcloud/tasks/01_fullstack.yml

@@ -27,11 +27,10 @@
     owner:  "{{ NEXTCLOUD_DOCKER_USER_id }}"
     group:  "{{ NEXTCLOUD_DOCKER_USER_id }}"
   loop:     "{{ lookup('fileglob', role_path ~ '/templates/config/*.j2', wantlist=True) }}"
-  # Not all type of changes take instantly place. Due to this reason a rebuild is required.
   notify: docker compose up
 
 - name: create internal nextcloud nginx configuration
   template:
     src:  "nginx/docker.conf.j2" 
     dest: "{{ NEXTCLOUD_HOST_NGINX_SRC }}"
-  notify: restart nextcloud nginx service
+  notify: docker compose up

roles/web-app-nextcloud/tasks/plugins/spreed.yml

@@ -5,4 +5,4 @@
     flush_handlers: true
   when:    
     - run_once_web_svc_coturn is not defined
-    - NEXTCLOUD_TALK_TURN_STANDALONE_ENABLED | bool
+    - NEXTCLOUD_HPB_TURN_STANDALONE_ENABLED | bool

roles/web-app-nextcloud/templates/docker-compose.yml.j2

@@ -1,6 +1,6 @@
 {% include 'roles/docker-compose/templates/base.yml.j2' %}
 
-{% set service_name = 'proxy' %}
+{% set service_name = NEXTCLOUD_PROXY_SERVICE %}
   {{ service_name }}:
     image: "{{ NEXTCLOUD_PROXY_IMAGE }}:{{ NEXTCLOUD_PROXY_VERSION }}"
     container_name: "{{ NEXTCLOUD_PROXY_CONTAINER }}"
@@ -17,7 +17,7 @@
     networks:
       default:
         ipv4_address: 192.168.102.67
-{% if NEXTCLOUD_TALK_NETWORK_MODE == 'host' %}
+{% if NEXTCLOUD_HPB_NETWORK_MODE == 'host' %}
     extra_hosts:
       - "host.docker.internal:host-gateway"
 {% endif %}
@@ -39,33 +39,31 @@
 {% include 'roles/docker-container/templates/networks.yml.j2' %}
         ipv4_address: 192.168.102.69
 
-{% if NEXTCLOUD_TALK_SIGNALING_ENABLED | bool %}
-{% set service_name = 'talk' %}
+{% if NEXTCLOUD_HPB_SIGNALING_ENABLED | bool %}
+{% set service_name = NEXTCLOUD_HPB_SERVICE %}
   {{ service_name }}:
-{% set container_port = NEXTCLOUD_TALK_SIGNALING_PORT %}
+{% set container_port = NEXTCLOUD_HPB_SIGNALING_PORT %}
 {% include 'roles/docker-container/templates/base.yml.j2' %}
 {% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %}
-    image: "{{ NEXTCLOUD_TALK_IMAGE }}:{{ NEXTCLOUD_TALK_VERSION }}"
-    container_name: {{ NEXTCLOUD_TALK_CONTAINER }}
+    image: "{{ NEXTCLOUD_HPB_IMAGE }}:{{ NEXTCLOUD_HPB_VERSION }}"
+    container_name: {{ NEXTCLOUD_HPB_CONTAINER }}
     init: true
-    network_mode: {{ NEXTCLOUD_TALK_NETWORK_MODE }}
-    volumes:
-      - {{ NEXTCLOUD_HOST_JANUS_CONF_PATH }}:/usr/local/etc/janus/janus.jcfg:ro
-{% if NEXTCLOUD_TALK_NETWORK_MODE == 'bridge' and NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED | bool %}
+{% if NEXTCLOUD_HPB_NETWORK_MODE == 'bridge' and NEXTCLOUD_HPB_TURN_ONBOARD_ENABLED | bool %}
     ports:
-      - {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_PORT }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_PORT }}/tcp
-      - {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_PORT }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_PORT }}/udp
-      - {{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_RANGE }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_RANGE }}/udp
+      - {{ networks.internet.ip4 }}:{{ NEXTCLOUD_HPB_TURN_ONBOARD_PORT }}:{{ NEXTCLOUD_HPB_TURN_ONBOARD_PORT }}/tcp
+      - {{ networks.internet.ip4 }}:{{ NEXTCLOUD_HPB_TURN_ONBOARD_PORT }}:{{ NEXTCLOUD_HPB_TURN_ONBOARD_PORT }}/udp
     expose:
       - "{{ container_port }}"
     networks:
       default:
         ipv4_address: 192.168.102.68
+{% else %}
+  network_mode: {{ NEXTCLOUD_HPB_NETWORK_MODE }}
 {% endif %}
 {% endif %}
 
 {% if NEXTCLOUD_WHITEBOARD_ENABLED %}
-{% set service_name = 'whiteboard' %}
+{% set service_name = NEXTCLOUD_WHITEBOARD_SERVICE %}
   {{ service_name }}:
 {% set container_port = NEXTCLOUD_WHITEBOARD_PORT_INTERNAL %}
 {% include 'roles/docker-container/templates/base.yml.j2' %}
@@ -79,7 +77,7 @@
         ipv4_address: 192.168.102.71
 {% endif %}
 
-{% set service_name = 'cron' %}
+{% set service_name = NEXTCLOUD_CRON_SERVICE %}
   {{ service_name }}:
     container_name: "{{ NEXTCLOUD_CRON_CONTAINER }}"
     image: "{{ NEXTCLOUD_IMAGE }}:{{ NEXTCLOUD_VERSION }}"

roles/web-app-nextcloud/templates/env.j2

@@ -39,19 +39,19 @@ OVERWRITEPROTOCOL=              "{{ WEB_PROTOCOL }}"
 REDIS_HOST=                     redis
 REDIS_PORT=                     6379
 
-{% if NEXTCLOUD_TALK_PLUGIN_ENABLED %}
+{% if NEXTCLOUD_HPB_PLUGIN_ENABLED %}
 # Talk Configuration
 NC_DOMAIN={{ NEXTCLOUD_DOMAIN }}
-TALK_HOST={{ NEXTCLOUD_TALK_DOMAIN }}
-TURN_SECRET={{ NEXTCLOUD_TALK_TURN_ONBOARD_SECRET }}
-SIGNALING_SECRET={{ NEXTCLOUD_TALK_SIGNALING_SECRET }}
-INTERNAL_SECRET={{ NEXTCLOUD_TALK_INTERNAL_SECRET }}
+TALK_HOST={{ NEXTCLOUD_HPB_DOMAIN }}
+TURN_SECRET={{ NEXTCLOUD_HPB_TURN_ONBOARD_SECRET }}
+SIGNALING_SECRET={{ NEXTCLOUD_HPB_SIGNALING_SECRET }}
+INTERNAL_SECRET={{ NEXTCLOUD_HPB_INTERNAL_SECRET }}
 TZ={{ HOST_TIMEZONE }}
-TALK_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_PORT }}
-TURN_MIN_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_START }}
-TURN_MAX_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_END }}
-COTURN_MIN_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_START }}
-COTURN_MAX_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_END }}
+TALK_PORT={{ NEXTCLOUD_HPB_TURN_ONBOARD_PORT }}
+TURN_MIN_PORT={{ NEXTCLOUD_HPB_TURN_ONBOARD_RELAY_PORT_START }}
+TURN_MAX_PORT={{ NEXTCLOUD_HPB_TURN_ONBOARD_RELAY_PORT_END }}
+COTURN_MIN_PORT={{ NEXTCLOUD_HPB_TURN_ONBOARD_RELAY_PORT_START }}
+COTURN_MAX_PORT={{ NEXTCLOUD_HPB_TURN_ONBOARD_RELAY_PORT_END }}
 {% endif %}
 
 {% if NEXTCLOUD_WHITEBOARD_ENABLED %}

roles/web-app-nextcloud/templates/nginx/docker.conf.j2

@@ -39,7 +39,7 @@ http {
     #gzip  on;
 
     upstream php-handler {
-        server application:9000;
+        server {{ NEXTCLOUD_SERVICE }}:9000;
     }
 
     server {
@@ -192,12 +192,12 @@ http {
             proxy_read_timeout 3600;
         }
 
-{% if NEXTCLOUD_TALK_SIGNALING_ENABLED | bool %}
-        location {{ NEXTCLOUD_TALK_SIGNALING_LOCATION }} {
-{% if NEXTCLOUD_TALK_NETWORK_MODE == 'host' %}
-            proxy_pass          http://host.docker.internal:{{ NEXTCLOUD_TALK_SIGNALING_PORT }}/;
+{% if NEXTCLOUD_HPB_SIGNALING_ENABLED | bool %}
+        location {{ NEXTCLOUD_HPB_SIGNALING_LOCATION }} {
+{% if NEXTCLOUD_HPB_NETWORK_MODE == 'host' %}
+            proxy_pass          http://host.docker.internal:{{ NEXTCLOUD_HPB_SIGNALING_PORT }}/;
 {% else %}
-            proxy_pass          http://talk:{{ NEXTCLOUD_TALK_SIGNALING_PORT }}/;
+            proxy_pass          http://talk:{{ NEXTCLOUD_HPB_SIGNALING_PORT }}/;
 {% endif %}
             proxy_http_version  1.1;
             proxy_set_header    Host              $host;

roles/web-app-nextcloud/templates/nginx/host.conf.j2

@@ -17,8 +17,8 @@ server
   client_body_buffer_size 400M;
   fastcgi_buffers 64 4K;
 
-  {% if NEXTCLOUD_TALK_SIGNALING_ENABLED | bool %}
-    {% set location_ws = '^~ ' ~ NEXTCLOUD_TALK_SIGNALING_LOCATION %}
+  {% if NEXTCLOUD_HPB_SIGNALING_ENABLED | bool %}
+    {% set location_ws = '^~ ' ~ NEXTCLOUD_HPB_SIGNALING_LOCATION %}
     {% set ws_port     = NEXTCLOUD_PORT %}
     {% include 'roles/sys-svc-proxy/templates/location/ws.conf.j2' %}
   {% endif %}

roles/web-app-nextcloud/vars/main.yml

@@ -1,7 +1,8 @@
 ---
 # General
-application_id:                     "web-app-nextcloud"                                           # Application identifier
+application_id:                     "web-app-nextcloud"
 container_port:                     80
+entity_name:                        "{{ application_id | get_entity_name }}"
 
 # Database
 database_password:                  "{{ applications | get_app_conf(application_id, 'credentials.database_password') }}"
@@ -45,78 +46,83 @@ NEXTCLOUD_ADMINISTRATOR_USERNAME:   "{{ applications | get_app_conf(application_
 
 ### Base
 NEXTCLOUD_VOLUME:                   "{{ applications | get_app_conf(application_id, 'docker.volumes.data') }}"
-NEXTCLOUD_VERSION:                  "{{ applications | get_app_conf(application_id, 'docker.services.nextcloud.version') }}"
-NEXTCLOUD_IMAGE:                    "{{ applications | get_app_conf(application_id, 'docker.services.nextcloud.image') }}"
-NEXTCLOUD_CONTAINER:                "{{ applications | get_app_conf(application_id, 'docker.services.nextcloud.name') }}"
+NEXTCLOUD_SERVICE:                  "{{ entity_name }}"
+NEXTCLOUD_VERSION:                  "{{ applications | get_app_conf(application_id, 'docker.services.'~ NEXTCLOUD_SERVICE ~'.version') }}"
+NEXTCLOUD_IMAGE:                    "{{ applications | get_app_conf(application_id, 'docker.services.'~ NEXTCLOUD_SERVICE ~'.image') }}"
+NEXTCLOUD_CONTAINER:                "{{ applications | get_app_conf(application_id, 'docker.services.'~ NEXTCLOUD_SERVICE ~'.name') }}"
 
 ### Proxy
-NEXTCLOUD_PROXY_CONTAINER:          "{{ applications | get_app_conf(application_id, 'docker.services.proxy.name') }}"
-NEXTCLOUD_PROXY_IMAGE:              "{{ applications | get_app_conf(application_id, 'docker.services.proxy.image') }}"
-NEXTCLOUD_PROXY_VERSION:            "{{ applications | get_app_conf(application_id, 'docker.services.proxy.version') }}"
+NEXTCLOUD_PROXY_SERVICE:              "proxy"
+NEXTCLOUD_PROXY_CONTAINER:            "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_PROXY_SERVICE ~ '.name') }}"
+NEXTCLOUD_PROXY_IMAGE:                "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_PROXY_SERVICE ~ '.image') }}"
+NEXTCLOUD_PROXY_VERSION:              "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_PROXY_SERVICE ~ '.version') }}"
 
 ### Cron
-NEXTCLOUD_CRON_CONTAINER:           "{{ applications | get_app_conf(application_id, 'docker.services.cron.name') }}"
+NEXTCLOUD_CRON_SERVICE:               "cron"
+NEXTCLOUD_CRON_CONTAINER:             "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_CRON_SERVICE ~ '.name') }}"
 
-### Talk
+### High Performance Backend for Talk
+# https://github.com/nextcloud-snap/nextcloud-snap/wiki/How-to-configure-talk-HPB-with-Docker
 
 #### General
-NEXTCLOUD_TALK_CONTAINER:             "{{ applications | get_app_conf(application_id, 'docker.services.talk.name') }}"
-NEXTCLOUD_TALK_IMAGE:                 "{{ applications | get_app_conf(application_id, 'docker.services.talk.image') }}"
-NEXTCLOUD_TALK_VERSION:               "{{ applications | get_app_conf(application_id, 'docker.services.talk.version') }}"
-NEXTCLOUD_TALK_PLUGIN_ENABLED:        "{{ applications | get_app_conf(application_id, 'plugins.spreed.enabled') }}"
-NEXTCLOUD_TALK_NETWORK_MODE:          "{{ applications | get_app_conf(application_id, 'docker.services.talk.network_mode') }}"
-NEXTCLOUD_TALK_INTERNAL_SECRET:       "{{ applications | get_app_conf(application_id, 'credentials.talk_internal_secret') }}"
-NEXTCLOUD_TALK_DOMAIN:                "{{ NEXTCLOUD_DOMAIN }}"
+NEXTCLOUD_HPB_SERVICE:                      "talk"
+NEXTCLOUD_HPB_CONTAINER:                    "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_HPB_SERVICE ~ '.name') }}"
+NEXTCLOUD_HPB_IMAGE:                        "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_HPB_SERVICE ~ '.image') }}"
+NEXTCLOUD_HPB_VERSION:                      "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_HPB_SERVICE ~ '.version') }}"
+NEXTCLOUD_HPB_NETWORK_MODE:                 "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_HPB_SERVICE ~ '.network_mode') }}"
+NEXTCLOUD_HPB_PLUGIN_ENABLED:               "{{ applications | get_app_conf(application_id, 'plugins.spreed.enabled') }}"
+NEXTCLOUD_HPB_INTERNAL_SECRET:              "{{ applications | get_app_conf(application_id, 'credentials.talk_internal_secret') }}"
+NEXTCLOUD_HPB_DOMAIN:                       "{{ NEXTCLOUD_DOMAIN }}"
 
 #### Signaling
-NEXTCLOUD_TALK_SIGNALING_SECRET:      "{{ applications | get_app_conf(application_id, 'credentials.talk_signaling_secret') }}"
-NEXTCLOUD_TALK_SIGNALING_LOCATION:    "/standalone-signaling/"
-NEXTCLOUD_TALK_SIGNALING_PORT:        "8081"
-NEXTCLOUD_TALK_SIGNALING_URL:         "{{ [ NEXTCLOUD_URL, NEXTCLOUD_TALK_SIGNALING_LOCATION ] | url_join }}"
-NEXTCLOUD_TALK_SIGNALING_ENABLED:     "{{ NEXTCLOUD_TALK_PLUGIN_ENABLED }}"
+NEXTCLOUD_HPB_SIGNALING_SECRET:              "{{ applications | get_app_conf(application_id, 'credentials.talk_signaling_secret') }}"
+NEXTCLOUD_HPB_SIGNALING_LOCATION:            "/standalone-signaling/"
+NEXTCLOUD_HPB_SIGNALING_PORT:                "8081"
+NEXTCLOUD_HPB_SIGNALING_URL:                 "{{ [ NEXTCLOUD_URL, NEXTCLOUD_HPB_SIGNALING_LOCATION ] | url_join }}"
+NEXTCLOUD_HPB_SIGNALING_ENABLED:             "{{ NEXTCLOUD_HPB_PLUGIN_ENABLED }}"
 
 #### Talk Turn (Onboard)
-NEXTCLOUD_TALK_TURN_ONBOARD_PORT:             "{{ ports.public.stun_turn[application_id] }}"
-NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED:          "{{ applications | get_app_conf(application_id, 'docker.services.talk.turn_server.onboard_enabled') if NEXTCLOUD_TALK_PLUGIN_ENABLED else false }}"
-NEXTCLOUD_TALK_TURN_ONBOARD_SECRET:           "{{ applications | get_app_conf(application_id, 'credentials.talk_turn_secret') }}"
-NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_START: "{{ ports.public.relay_port_ranges[application_id ~ '_start'] }}"
-NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_END:   "{{ ports.public.relay_port_ranges[application_id ~ '_end'  ] }}"
-NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_RANGE: "{{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_START }}-{{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_END }}"
-NEXTCLOUD_TALK_STUN_ONBOARD_CONFIG:           "{{ NEXTCLOUD_TALK_DOMAIN }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_PORT }}"
-NEXTCLOUD_TALK_TURN_ONBOARD_CONFIG: >-
+NEXTCLOUD_HPB_TURN_ONBOARD_PORT:             "{{ ports.public.stun_turn[application_id] }}"
+NEXTCLOUD_HPB_TURN_ONBOARD_ENABLED:          "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_HPB_SERVICE ~ '.turn_server.onboard_enabled') if NEXTCLOUD_HPB_PLUGIN_ENABLED else false }}"
+NEXTCLOUD_HPB_TURN_ONBOARD_SECRET:           "{{ applications | get_app_conf(application_id, 'credentials.talk_turn_secret') }}"
+NEXTCLOUD_HPB_TURN_ONBOARD_RELAY_PORT_START: "{{ ports.public.relay_port_ranges[application_id ~ '_start'] }}"
+NEXTCLOUD_HPB_TURN_ONBOARD_RELAY_PORT_END:   "{{ ports.public.relay_port_ranges[application_id ~ '_end'  ] }}"
+NEXTCLOUD_HPB_STUN_ONBOARD_CONFIG:           "{{ NEXTCLOUD_HPB_DOMAIN }}:{{ NEXTCLOUD_HPB_TURN_ONBOARD_PORT }}"
+NEXTCLOUD_HPB_TURN_ONBOARD_CONFIG: >-
   {{
     {
-      'server': NEXTCLOUD_TALK_DOMAIN ~ ':' ~ NEXTCLOUD_TALK_TURN_ONBOARD_PORT,
-      'secret': NEXTCLOUD_TALK_TURN_ONBOARD_SECRET,
-      'ttl': 86400,
-      'protocols': 'udp,tcp'
+      'server':     NEXTCLOUD_HPB_DOMAIN ~ ':' ~ NEXTCLOUD_HPB_TURN_ONBOARD_PORT,
+      'secret':     NEXTCLOUD_HPB_TURN_ONBOARD_SECRET,
+      'ttl':        86400,
+      'protocols':  'udp,tcp'
     }
   }}
 
 #### Coturn (Standalone)
-NEXTCLOUD_TALK_TURN_STANDALONE_ROLE:          'web-svc-coturn'
-NEXTCLOUD_TALK_TURN_STANDALONE_PORT:          "{{ ports.public.stun_turn[NEXTCLOUD_TALK_TURN_STANDALONE_ROLE] }}"
-NEXTCLOUD_TALK_TURN_STANDALONE_SECRET:        "{{ applications | get_app_conf(NEXTCLOUD_TALK_TURN_STANDALONE_ROLE, 'credentials.auth_secret') }}"
-NEXTCLOUD_TALK_TURN_STANDALONE_ENABLED:       "{{ applications | get_app_conf(application_id, 'docker.services.talk.turn_server.standalone_enabled') if NEXTCLOUD_TALK_PLUGIN_ENABLED else false }}"
-NEXTCLOUD_TALK_TURN_STANDALONE_DOMAIN:        "{{ domains | get_domain(NEXTCLOUD_TALK_TURN_STANDALONE_ROLE) }}"
-NEXTCLOUD_TALK_STUN_STANDALONE_CONFIG:        "{{ NEXTCLOUD_TALK_TURN_STANDALONE_DOMAIN }}:{{ NEXTCLOUD_TALK_TURN_STANDALONE_PORT }}"
-NEXTCLOUD_TALK_TURN_STANDALONE_CONFIG: >-
+NEXTCLOUD_HPB_TURN_STANDALONE_ROLE:          'web-svc-coturn'
+NEXTCLOUD_HPB_TURN_STANDALONE_PORT:          "{{ ports.public.stun_turn[NEXTCLOUD_HPB_TURN_STANDALONE_ROLE] }}"
+NEXTCLOUD_HPB_TURN_STANDALONE_SECRET:        "{{ applications | get_app_conf(NEXTCLOUD_HPB_TURN_STANDALONE_ROLE, 'credentials.auth_secret') }}"
+NEXTCLOUD_HPB_TURN_STANDALONE_ENABLED:       "{{ applications | get_app_conf(application_id, 'docker.services.talk.turn_server.standalone_enabled') if NEXTCLOUD_HPB_PLUGIN_ENABLED else false }}"
+NEXTCLOUD_HPB_TURN_STANDALONE_DOMAIN:        "{{ domains | get_domain(NEXTCLOUD_HPB_TURN_STANDALONE_ROLE) }}"
+NEXTCLOUD_HPB_STUN_STANDALONE_CONFIG:        "{{ NEXTCLOUD_HPB_TURN_STANDALONE_DOMAIN }}:{{ NEXTCLOUD_HPB_TURN_STANDALONE_PORT }}"
+NEXTCLOUD_HPB_TURN_STANDALONE_CONFIG: >-
   {{
     {
-      'server': NEXTCLOUD_TALK_TURN_STANDALONE_DOMAIN ~ ':' ~ NEXTCLOUD_TALK_TURN_STANDALONE_PORT,
-      'secret': NEXTCLOUD_TALK_TURN_STANDALONE_SECRET,
-      'ttl': 86400,
-      'protocols': 'udp,tcp'
+      'server':     NEXTCLOUD_HPB_TURN_STANDALONE_DOMAIN ~ ':' ~ NEXTCLOUD_HPB_TURN_STANDALONE_PORT,
+      'secret':     NEXTCLOUD_HPB_TURN_STANDALONE_SECRET,
+      'ttl':        86400,
+      'protocols':  'udp,tcp'
     }
   }}
 
 ### Whiteboard
-NEXTCLOUD_WHITEBOARD_CONTAINER:     "{{ applications | get_app_conf(application_id, 'docker.services.whiteboard.name') }}"
-NEXTCLOUD_WHITEBOARD_IMAGE:         "{{ applications | get_app_conf(application_id, 'docker.services.whiteboard.image') }}"
-NEXTCLOUD_WHITEBOARD_VERSION:       "{{ applications | get_app_conf(application_id, 'docker.services.whiteboard.version') }}"
-NEXTCLOUD_WHITEBOARD_ENABLED:       "{{ applications | get_app_conf(application_id, 'plugins.whiteboard.enabled') }}"
+NEXTCLOUD_WHITEBOARD_SERVICE:      "whiteboard"
+NEXTCLOUD_WHITEBOARD_CONTAINER:     "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_WHITEBOARD_SERVICE ~'.name') }}"
+NEXTCLOUD_WHITEBOARD_IMAGE:         "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_WHITEBOARD_SERVICE ~'.image') }}"
+NEXTCLOUD_WHITEBOARD_VERSION:       "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_WHITEBOARD_SERVICE ~'.version') }}"
+NEXTCLOUD_WHITEBOARD_ENABLED:       "{{ applications | get_app_conf(application_id, 'plugins.' ~ NEXTCLOUD_WHITEBOARD_SERVICE ~'.enabled') }}"
 NEXTCLOUD_WHITEBOARD_PORT_INTERNAL: "3002"
-NEXTCLOUD_WHITEBOARD_JWT:           "{{ applications | get_app_conf(application_id, 'credentials.whiteboard_jwt_secret') }}"
+NEXTCLOUD_WHITEBOARD_JWT:           "{{ applications | get_app_conf(application_id, 'credentials.' ~ NEXTCLOUD_WHITEBOARD_SERVICE ~'_jwt_secret') }}"
 NEXTCLOUD_WHITEBOARD_LOCATION:      "/whiteboard/"
 NEXTCLOUD_WHITEBOARD_URL:           "{{ [ NEXTCLOUD_URL, NEXTCLOUD_WHITEBOARD_LOCATION ] | url_join }}"
 

roles/web-app-nextcloud/vars/plugins/spreed.yml

@@ -3,8 +3,8 @@ plugin_configuration:
   - appid: "spreed"
     configkey: "signaling_servers"
     configvalue: "{{ {
-        'servers': [ { 'server': NEXTCLOUD_TALK_SIGNALING_URL, 'verify': True, 'alias': 'primary' } ],
-        'secret':  NEXTCLOUD_TALK_SIGNALING_SECRET
+        'servers': [ { 'server': NEXTCLOUD_HPB_SIGNALING_URL, 'verify': True, 'alias': 'primary' } ],
+        'secret':  NEXTCLOUD_HPB_SIGNALING_SECRET
       } | to_json }}"
 
   # stun_servers: JSON array of strings
@@ -13,8 +13,8 @@ plugin_configuration:
     configvalue: >-
       {{
         [
-          NEXTCLOUD_TALK_STUN_ONBOARD_CONFIG     if NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED    else none,
-          NEXTCLOUD_TALK_STUN_STANDALONE_CONFIG  if NEXTCLOUD_TALK_TURN_STANDALONE_ENABLED else none
+          NEXTCLOUD_HPB_STUN_ONBOARD_CONFIG     if NEXTCLOUD_HPB_TURN_ONBOARD_ENABLED    else none,
+          NEXTCLOUD_HPB_STUN_STANDALONE_CONFIG  if NEXTCLOUD_HPB_TURN_STANDALONE_ENABLED else none
         ]
         | select
         | list
@@ -27,8 +27,8 @@ plugin_configuration:
     configvalue: >-
       {{
         [
-          NEXTCLOUD_TALK_TURN_ONBOARD_CONFIG     if NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED    else none,
-          NEXTCLOUD_TALK_TURN_STANDALONE_CONFIG  if NEXTCLOUD_TALK_TURN_STANDALONE_ENABLED else none
+          NEXTCLOUD_HPB_TURN_ONBOARD_CONFIG     if NEXTCLOUD_HPB_TURN_ONBOARD_ENABLED    else none,
+          NEXTCLOUD_HPB_TURN_STANDALONE_CONFIG  if NEXTCLOUD_HPB_TURN_STANDALONE_ENABLED else none
         ]
         | select
         | list
@@ -38,4 +38,4 @@ plugin_configuration:
   # internal secret (plain string)
   - appid: "spreed"
     configkey: "internal_secret"
-    configvalue: "{{ NEXTCLOUD_TALK_INTERNAL_SECRET }}"
+    configvalue: "{{ NEXTCLOUD_HPB_INTERNAL_SECRET }}"