From 0d99c7f29713327760e1566dc685d31fc1e1c636 Mon Sep 17 00:00:00 2001
From: Kevin Veen-Birkenbach
Date: Tue, 30 Sep 2025 12:52:15 +0200
Subject: [PATCH] =?UTF-8?q?Nextcloud:=20refactor=20Talk=20=E2=86=92=20HPB,?= =?UTF-8?q?=20switch=20to=20bridge=20mode,=20and=20template=20cleanups?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Change Talk (HPB) network_mode from host → bridge and drop TURN relay range mapping
- Remove obsolete nginx restart handler; rely on 'docker compose up' notify
- Fix spreed task condition to use HPB standalone flag
- docker-compose.yml.j2: parameterize service names, use NEXTCLOUD_*_SERVICE vars, align host-gateway condition with HPB, tidy ports/expose/network blocks
- env.j2/nginx configs: rename TALK_* → HPB_* variables and locations; use templated NEXTCLOUD_SERVICE for php upstream
- vars: introduce entity_name; centralize *SERVICE keys; rename all Talk vars to HPB; adjust whiteboard keys; compute URLs/JSON configs accordingly
- spreed plugin vars: point to HPB signaling/STUN/TURN and internal secret

Ref: https://chatgpt.com/share/68db9f41-16ec-800f-9cdf-7530862f89aa
---
roles/web-app-nextcloud/config/main.yml | 4 +-
roles/web-app-nextcloud/handlers/main.yml | 6 -
.../web-app-nextcloud/tasks/01_fullstack.yml | 3 +-
.../tasks/plugins/spreed.yml | 2 +-
.../templates/docker-compose.yml.j2 | 30 +++--
roles/web-app-nextcloud/templates/env.j2 | 20 ++--
.../templates/nginx/docker.conf.j2 | 12 +-
.../templates/nginx/host.conf.j2 | 4 +-
roles/web-app-nextcloud/vars/main.yml | 104 +++++++++---------
.../web-app-nextcloud/vars/plugins/spreed.yml | 14 +--
10 files changed, 98 insertions(+), 101 deletions(-)
delete mode 100644 roles/web-app-nextcloud/handlers/main.yml

diff --git a/roles/web-app-nextcloud/config/main.yml b/roles/web-app-nextcloud/config/main.yml
index 1f83472e..42446f8b 100644
--- a/roles/web-app-nextcloud/config/main.yml
+++ b/roles/web-app-nextcloud/config/main.yml
@@ -74,9 +74,9 @@ docker: backup: no_stop_required: false turn_server: - onboard_enabled: true # Deactivated because standalone turnserver works with Big Blue Button, so I assume that the nextcloud internal turnserver has it's isssues + onboard_enabled: true standalone_enabled: false - network_mode: host + network_mode: bridge cpus: "1.0" mem_reservation: "256m" mem_limit: "1g" diff --git a/roles/web-app-nextcloud/handlers/main.yml b/roles/web-app-nextcloud/handlers/main.yml deleted file mode 100644 index 2b9c935f..00000000 --- a/roles/web-app-nextcloud/handlers/main.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -- name: restart nextcloud nginx service - command: - cmd: "docker exec {{ NEXTCLOUD_PROXY_CONTAINER }} nginx -s reload" - listen: restart nextcloud nginx service - ignore_errors: true # Ignoring if container is restarting diff --git a/roles/web-app-nextcloud/tasks/01_fullstack.yml b/roles/web-app-nextcloud/tasks/01_fullstack.yml index c7493705..a97f76f1 100644 --- a/roles/web-app-nextcloud/tasks/01_fullstack.yml +++ b/roles/web-app-nextcloud/tasks/01_fullstack.yml @@ -27,11 +27,10 @@ owner: "{{ NEXTCLOUD_DOCKER_USER_id }}" group: "{{ NEXTCLOUD_DOCKER_USER_id }}" loop: "{{ lookup('fileglob', role_path ~ '/templates/config/*.j2', wantlist=True) }}" - # Not all type of changes take instantly place. Due to this reason a rebuild is required. notify: docker compose up - name: create internal nextcloud nginx configuration template: src: "nginx/docker.conf.j2" dest: "{{ NEXTCLOUD_HOST_NGINX_SRC }}" - notify: restart nextcloud nginx service + notify: docker compose up diff --git a/roles/web-app-nextcloud/tasks/plugins/spreed.yml b/roles/web-app-nextcloud/tasks/plugins/spreed.yml index 5bc34c28..8b399ba3 100644 --- a/roles/web-app-nextcloud/tasks/plugins/spreed.yml +++ b/roles/web-app-nextcloud/tasks/plugins/spreed.yml 
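Review bot: In tasks/01_fullstack.yml the nginx template task now notifies `docker compose up` instead of the deleted reload handler, and nothing visible guarantees the proxy re-reads the rendered file. The `docker compose up` handler is defined outside this diff; if it runs a plain `docker compose up -d`, a content-only change to the file at `NEXTCLOUD_HOST_NGINX_SRC` (presumably bind-mounted into the proxy) does not recreate the container and nginx keeps serving the old configuration, including old proxy and header rules. Either confirm the handler forces a recreate or restart of the proxy, or keep an explicit reload step for this task. The hunk also drops the only comment explaining the notify; a replacement such as `# nginx reads this file only at start/reload; the handler must restart or recreate the proxy` would keep the intent visible.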
@@ -5,4 +5,4 @@ flush_handlers: true when: - run_once_web_svc_coturn is not defined - - NEXTCLOUD_TALK_TURN_STANDALONE_ENABLED | bool + - NEXTCLOUD_HPB_TURN_STANDALONE_ENABLED | bool diff --git a/roles/web-app-nextcloud/templates/docker-compose.yml.j2 b/roles/web-app-nextcloud/templates/docker-compose.yml.j2 index 4b44eef7..1c528662 100644 --- a/roles/web-app-nextcloud/templates/docker-compose.yml.j2 +++ b/roles/web-app-nextcloud/templates/docker-compose.yml.j2 @@ -1,6 +1,6 @@ {% include 'roles/docker-compose/templates/base.yml.j2' %} -{% set service_name = 'proxy' %} +{% set service_name = NEXTCLOUD_PROXY_SERVICE %} {{ service_name }}: image: "{{ NEXTCLOUD_PROXY_IMAGE }}:{{ NEXTCLOUD_PROXY_VERSION }}" container_name: "{{ NEXTCLOUD_PROXY_CONTAINER }}" @@ -17,7 +17,7 @@ networks: default: ipv4_address: 192.168.102.67 -{% if NEXTCLOUD_TALK_NETWORK_MODE == 'host' %} +{% if NEXTCLOUD_HPB_NETWORK_MODE == 'host' %} extra_hosts: - "host.docker.internal:host-gateway" {% endif %} 
@@ -39,33 +39,31 @@ {% include 'roles/docker-container/templates/networks.yml.j2' %} ipv4_address: 192.168.102.69 -{% if NEXTCLOUD_TALK_SIGNALING_ENABLED | bool %} -{% set service_name = 'talk' %} +{% if NEXTCLOUD_HPB_SIGNALING_ENABLED | bool %} +{% set service_name = NEXTCLOUD_HPB_SERVICE %} {{ service_name }}: -{% set container_port = NEXTCLOUD_TALK_SIGNALING_PORT %} +{% set container_port = NEXTCLOUD_HPB_SIGNALING_PORT %} {% include 'roles/docker-container/templates/base.yml.j2' %} {% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %} - image: "{{ NEXTCLOUD_TALK_IMAGE }}:{{ NEXTCLOUD_TALK_VERSION }}" - container_name: {{ NEXTCLOUD_TALK_CONTAINER }} + image: "{{ NEXTCLOUD_HPB_IMAGE }}:{{ NEXTCLOUD_HPB_VERSION }}" + container_name: {{ NEXTCLOUD_HPB_CONTAINER }} init: true - network_mode: {{ NEXTCLOUD_TALK_NETWORK_MODE }} - volumes: - - {{ NEXTCLOUD_HOST_JANUS_CONF_PATH }}:/usr/local/etc/janus/janus.jcfg:ro -{% if NEXTCLOUD_TALK_NETWORK_MODE == 'bridge' and NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED | bool %} +{% if NEXTCLOUD_HPB_NETWORK_MODE == 'bridge' and NEXTCLOUD_HPB_TURN_ONBOARD_ENABLED | bool %} ports: - - {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_PORT }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_PORT }}/tcp - - {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_PORT }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_PORT }}/udp - - {{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_RANGE }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_RANGE }}/udp + - {{ networks.internet.ip4 }}:{{ NEXTCLOUD_HPB_TURN_ONBOARD_PORT }}:{{ NEXTCLOUD_HPB_TURN_ONBOARD_PORT }}/tcp + - {{ networks.internet.ip4 }}:{{ NEXTCLOUD_HPB_TURN_ONBOARD_PORT }}:{{ NEXTCLOUD_HPB_TURN_ONBOARD_PORT }}/udp expose: - "{{ container_port }}" networks: default: ipv4_address: 192.168.102.68 +{% else %} + network_mode: {{ NEXTCLOUD_HPB_NETWORK_MODE }} {% endif %} {% endif %} {% if NEXTCLOUD_WHITEBOARD_ENABLED %} -{% set service_name = 'whiteboard' %} +{% set service_name = NEXTCLOUD_WHITEBOARD_SERVICE %} 
{{ service_name }}: {% set container_port = NEXTCLOUD_WHITEBOARD_PORT_INTERNAL %} {% include 'roles/docker-container/templates/base.yml.j2' %} @@ -79,7 +77,7 @@ ipv4_address: 192.168.102.71 {% endif %} -{% set service_name = 'cron' %} +{% set service_name = NEXTCLOUD_CRON_SERVICE %} {{ service_name }}: container_name: "{{ NEXTCLOUD_CRON_CONTAINER }}" image: "{{ NEXTCLOUD_IMAGE }}:{{ NEXTCLOUD_VERSION }}" diff --git a/roles/web-app-nextcloud/templates/env.j2 b/roles/web-app-nextcloud/templates/env.j2 index 18586113..50c85aaa 100644 --- a/roles/web-app-nextcloud/templates/env.j2 +++ b/roles/web-app-nextcloud/templates/env.j2 @@ -39,19 +39,19 @@ OVERWRITEPROTOCOL= "{{ WEB_PROTOCOL }}" REDIS_HOST= redis REDIS_PORT= 6379 -{% if NEXTCLOUD_TALK_PLUGIN_ENABLED %} +{% if NEXTCLOUD_HPB_PLUGIN_ENABLED %} # Talk Configuration NC_DOMAIN={{ NEXTCLOUD_DOMAIN }} -TALK_HOST={{ NEXTCLOUD_TALK_DOMAIN }} -TURN_SECRET={{ NEXTCLOUD_TALK_TURN_ONBOARD_SECRET }} -SIGNALING_SECRET={{ NEXTCLOUD_TALK_SIGNALING_SECRET }} -INTERNAL_SECRET={{ NEXTCLOUD_TALK_INTERNAL_SECRET }} +TALK_HOST={{ NEXTCLOUD_HPB_DOMAIN }} +TURN_SECRET={{ NEXTCLOUD_HPB_TURN_ONBOARD_SECRET }} +SIGNALING_SECRET={{ NEXTCLOUD_HPB_SIGNALING_SECRET }} +INTERNAL_SECRET={{ NEXTCLOUD_HPB_INTERNAL_SECRET }} TZ={{ HOST_TIMEZONE }} -TALK_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_PORT }} -TURN_MIN_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_START }} -TURN_MAX_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_END }} -COTURN_MIN_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_START }} -COTURN_MAX_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_END }} +TALK_PORT={{ NEXTCLOUD_HPB_TURN_ONBOARD_PORT }} +TURN_MIN_PORT={{ NEXTCLOUD_HPB_TURN_ONBOARD_RELAY_PORT_START }} +TURN_MAX_PORT={{ NEXTCLOUD_HPB_TURN_ONBOARD_RELAY_PORT_END }} +COTURN_MIN_PORT={{ NEXTCLOUD_HPB_TURN_ONBOARD_RELAY_PORT_START }} +COTURN_MAX_PORT={{ NEXTCLOUD_HPB_TURN_ONBOARD_RELAY_PORT_END }} {% endif %} {% if NEXTCLOUD_WHITEBOARD_ENABLED %} 
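Review bot: In the HPB service block of docker-compose.yml.j2 (hunk `@@ -39,33 +39,31 @@`), the new `{% else %}` branch is taken not only for host mode but also for bridge mode with the onboard TURN disabled, and in that case it renders `network_mode: bridge` with no `expose` or `networks` entry. A service with `network_mode: bridge` is attached to Docker's default bridge rather than the compose project network, so the proxy's `proxy_pass http://talk:…` fallback in nginx/docker.conf.j2 would have no service-name DNS to resolve against and the static address 192.168.102.68 is never assigned. Branching on host mode first and making only the `ports` mapping depend on the onboard TURN flag keeps the container on the project network in every bridge configuration. The indentation in the sketch below is assumed, since the hunk's whitespace is not recoverable from this page.

```yaml
{% if NEXTCLOUD_HPB_NETWORK_MODE == 'host' %}
    network_mode: "{{ NEXTCLOUD_HPB_NETWORK_MODE }}"
{% else %}
{% if NEXTCLOUD_HPB_TURN_ONBOARD_ENABLED | bool %}
    ports:
      # … unchanged: the two TURN listener mappings (tcp and udp) …
{% endif %}
    expose:
      - "{{ container_port }}"
    networks:
      default:
        ipv4_address: 192.168.102.68
{% endif %}
```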
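Review bot: env.j2 still renders `TURN_MIN_PORT`, `TURN_MAX_PORT`, `COTURN_MIN_PORT` and `COTURN_MAX_PORT` from the relay range, but the same commit removes the relay range port mapping from docker-compose.yml.j2 and switches the default to bridge mode. With `onboard_enabled: true` the onboard TURN server would allocate relay ports inside the container that are not published on the host, so relayed media presumably cannot reach it even though the listener port is mapped. Either publish the range again in bridge mode (ideally a narrow one, since every published UDP port is additional exposed surface), or default to the standalone coturn and disable the onboard TURN when running bridged. A short comment above these four variables stating which of the two is intended would prevent the mismatch from going unnoticed.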
diff --git a/roles/web-app-nextcloud/templates/nginx/docker.conf.j2 b/roles/web-app-nextcloud/templates/nginx/docker.conf.j2 index 676c5173..a5865d2a 100644 --- a/roles/web-app-nextcloud/templates/nginx/docker.conf.j2 +++ b/roles/web-app-nextcloud/templates/nginx/docker.conf.j2 @@ -39,7 +39,7 @@ http { #gzip on; upstream php-handler { - server application:9000; + server {{ NEXTCLOUD_SERVICE }}:9000; } server { @@ -192,12 +192,12 @@ http { proxy_read_timeout 3600; } -{% if NEXTCLOUD_TALK_SIGNALING_ENABLED | bool %} - location {{ NEXTCLOUD_TALK_SIGNALING_LOCATION }} { -{% if NEXTCLOUD_TALK_NETWORK_MODE == 'host' %} - proxy_pass http://host.docker.internal:{{ NEXTCLOUD_TALK_SIGNALING_PORT }}/; +{% if NEXTCLOUD_HPB_SIGNALING_ENABLED | bool %} + location {{ NEXTCLOUD_HPB_SIGNALING_LOCATION }} { +{% if NEXTCLOUD_HPB_NETWORK_MODE == 'host' %} + proxy_pass http://host.docker.internal:{{ NEXTCLOUD_HPB_SIGNALING_PORT }}/; {% else %} - proxy_pass http://talk:{{ NEXTCLOUD_TALK_SIGNALING_PORT }}/; + proxy_pass http://talk:{{ NEXTCLOUD_HPB_SIGNALING_PORT }}/; {% endif %} proxy_http_version 1.1; proxy_set_header Host $host; diff --git a/roles/web-app-nextcloud/templates/nginx/host.conf.j2 b/roles/web-app-nextcloud/templates/nginx/host.conf.j2 index a1ba30c6..ac9c019a 100644 --- a/roles/web-app-nextcloud/templates/nginx/host.conf.j2 +++ b/roles/web-app-nextcloud/templates/nginx/host.conf.j2 @@ -17,8 +17,8 @@ server client_body_buffer_size 400M; fastcgi_buffers 64 4K; - {% if NEXTCLOUD_TALK_SIGNALING_ENABLED | bool %} - {% set location_ws = '^~ ' ~ NEXTCLOUD_TALK_SIGNALING_LOCATION %} + {% if NEXTCLOUD_HPB_SIGNALING_ENABLED | bool %} + {% set location_ws = '^~ ' ~ NEXTCLOUD_HPB_SIGNALING_LOCATION %} {% set ws_port = NEXTCLOUD_PORT %} {% include 'roles/sys-svc-proxy/templates/location/ws.conf.j2' %} {% endif %} diff --git a/roles/web-app-nextcloud/vars/main.yml b/roles/web-app-nextcloud/vars/main.yml index b3909f3c..c447a38d 100644 --- a/roles/web-app-nextcloud/vars/main.yml 
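Review bot: In nginx/docker.conf.j2 (hunk `@@ -39,7 +39,7 @@`) the php-handler upstream changes from the literal `application` to `{{ NEXTCLOUD_SERVICE }}`, yet no visible hunk of docker-compose.yml.j2 renames the PHP service itself. That service definition lies outside the shown hunks, so this cannot be confirmed from the diff; if it is still declared as `application`, nginx will fail at startup with an unresolvable upstream host unless the container name happens to match. The compose template should set the service name from the same `NEXTCLOUD_SERVICE` variable so the two cannot drift.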
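Review bot: The bridge-mode branch of the signaling location (hunk `@@ -192,12 +192,12 @@`) still hard-codes the upstream host as `talk` although this commit introduces `NEXTCLOUD_HPB_SERVICE` and uses it for the compose service name. The line should read `proxy_pass http://{{ NEXTCLOUD_HPB_SERVICE }}:{{ NEXTCLOUD_HPB_SIGNALING_PORT }}/;` so that a later change of the service name does not silently leave the proxy pointing at a host that no longer exists.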
+++ b/roles/web-app-nextcloud/vars/main.yml @@ -1,7 +1,8 @@ --- # General -application_id: "web-app-nextcloud" # Application identifier +application_id: "web-app-nextcloud" container_port: 80 +entity_name: "{{ application_id | get_entity_name }}" # Database database_password: "{{ applications | get_app_conf(application_id, 'credentials.database_password') }}" 
@@ -45,78 +46,83 @@ NEXTCLOUD_ADMINISTRATOR_USERNAME: "{{ applications | get_app_conf(application_ ### Base NEXTCLOUD_VOLUME: "{{ applications | get_app_conf(application_id, 'docker.volumes.data') }}" -NEXTCLOUD_VERSION: "{{ applications | get_app_conf(application_id, 'docker.services.nextcloud.version') }}" -NEXTCLOUD_IMAGE: "{{ applications | get_app_conf(application_id, 'docker.services.nextcloud.image') }}" -NEXTCLOUD_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.nextcloud.name') }}" +NEXTCLOUD_SERVICE: "{{ entity_name }}" +NEXTCLOUD_VERSION: "{{ applications | get_app_conf(application_id, 'docker.services.'~ NEXTCLOUD_SERVICE ~'.version') }}" +NEXTCLOUD_IMAGE: "{{ applications | get_app_conf(application_id, 'docker.services.'~ NEXTCLOUD_SERVICE ~'.image') }}" +NEXTCLOUD_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.'~ NEXTCLOUD_SERVICE ~'.name') }}" ### Proxy -NEXTCLOUD_PROXY_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.proxy.name') }}" -NEXTCLOUD_PROXY_IMAGE: "{{ applications | get_app_conf(application_id, 'docker.services.proxy.image') }}" -NEXTCLOUD_PROXY_VERSION: "{{ applications | get_app_conf(application_id, 'docker.services.proxy.version') }}" +NEXTCLOUD_PROXY_SERVICE: "proxy" +NEXTCLOUD_PROXY_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_PROXY_SERVICE ~ '.name') }}" +NEXTCLOUD_PROXY_IMAGE: "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_PROXY_SERVICE ~ '.image') }}" +NEXTCLOUD_PROXY_VERSION: "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_PROXY_SERVICE ~ '.version') }}" ### Cron -NEXTCLOUD_CRON_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.cron.name') }}" +NEXTCLOUD_CRON_SERVICE: "cron" +NEXTCLOUD_CRON_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.' 
~ NEXTCLOUD_CRON_SERVICE ~ '.name') }}" -### Talk +### High Performance Backend for Talk +# https://github.com/nextcloud-snap/nextcloud-snap/wiki/How-to-configure-talk-HPB-with-Docker #### General -NEXTCLOUD_TALK_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.talk.name') }}" -NEXTCLOUD_TALK_IMAGE: "{{ applications | get_app_conf(application_id, 'docker.services.talk.image') }}" -NEXTCLOUD_TALK_VERSION: "{{ applications | get_app_conf(application_id, 'docker.services.talk.version') }}" -NEXTCLOUD_TALK_PLUGIN_ENABLED: "{{ applications | get_app_conf(application_id, 'plugins.spreed.enabled') }}" -NEXTCLOUD_TALK_NETWORK_MODE: "{{ applications | get_app_conf(application_id, 'docker.services.talk.network_mode') }}" -NEXTCLOUD_TALK_INTERNAL_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.talk_internal_secret') }}" -NEXTCLOUD_TALK_DOMAIN: "{{ NEXTCLOUD_DOMAIN }}" +NEXTCLOUD_HPB_SERVICE: "talk" +NEXTCLOUD_HPB_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_HPB_SERVICE ~ '.name') }}" +NEXTCLOUD_HPB_IMAGE: "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_HPB_SERVICE ~ '.image') }}" +NEXTCLOUD_HPB_VERSION: "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_HPB_SERVICE ~ '.version') }}" +NEXTCLOUD_HPB_NETWORK_MODE: "{{ applications | get_app_conf(application_id, 'docker.services.' 
~ NEXTCLOUD_HPB_SERVICE ~ '.network_mode') }}" +NEXTCLOUD_HPB_PLUGIN_ENABLED: "{{ applications | get_app_conf(application_id, 'plugins.spreed.enabled') }}" +NEXTCLOUD_HPB_INTERNAL_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.talk_internal_secret') }}" +NEXTCLOUD_HPB_DOMAIN: "{{ NEXTCLOUD_DOMAIN }}" #### Signaling -NEXTCLOUD_TALK_SIGNALING_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.talk_signaling_secret') }}" -NEXTCLOUD_TALK_SIGNALING_LOCATION: "/standalone-signaling/" -NEXTCLOUD_TALK_SIGNALING_PORT: "8081" -NEXTCLOUD_TALK_SIGNALING_URL: "{{ [ NEXTCLOUD_URL, NEXTCLOUD_TALK_SIGNALING_LOCATION ] | url_join }}" -NEXTCLOUD_TALK_SIGNALING_ENABLED: "{{ NEXTCLOUD_TALK_PLUGIN_ENABLED }}" +NEXTCLOUD_HPB_SIGNALING_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.talk_signaling_secret') }}" +NEXTCLOUD_HPB_SIGNALING_LOCATION: "/standalone-signaling/" +NEXTCLOUD_HPB_SIGNALING_PORT: "8081" +NEXTCLOUD_HPB_SIGNALING_URL: "{{ [ NEXTCLOUD_URL, NEXTCLOUD_HPB_SIGNALING_LOCATION ] | url_join }}" +NEXTCLOUD_HPB_SIGNALING_ENABLED: "{{ NEXTCLOUD_HPB_PLUGIN_ENABLED }}" #### Talk Turn (Onboard) -NEXTCLOUD_TALK_TURN_ONBOARD_PORT: "{{ ports.public.stun_turn[application_id] }}" -NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED: "{{ applications | get_app_conf(application_id, 'docker.services.talk.turn_server.onboard_enabled') if NEXTCLOUD_TALK_PLUGIN_ENABLED else false }}" -NEXTCLOUD_TALK_TURN_ONBOARD_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.talk_turn_secret') }}" -NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_START: "{{ ports.public.relay_port_ranges[application_id ~ '_start'] }}" -NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_END: "{{ ports.public.relay_port_ranges[application_id ~ '_end' ] }}" -NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_RANGE: "{{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_START }}-{{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_END }}" -NEXTCLOUD_TALK_STUN_ONBOARD_CONFIG: "{{ NEXTCLOUD_TALK_DOMAIN }}:{{ 
NEXTCLOUD_TALK_TURN_ONBOARD_PORT }}" -NEXTCLOUD_TALK_TURN_ONBOARD_CONFIG: >- +NEXTCLOUD_HPB_TURN_ONBOARD_PORT: "{{ ports.public.stun_turn[application_id] }}" +NEXTCLOUD_HPB_TURN_ONBOARD_ENABLED: "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_HPB_SERVICE ~ '.turn_server.onboard_enabled') if NEXTCLOUD_HPB_PLUGIN_ENABLED else false }}" +NEXTCLOUD_HPB_TURN_ONBOARD_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.talk_turn_secret') }}" +NEXTCLOUD_HPB_TURN_ONBOARD_RELAY_PORT_START: "{{ ports.public.relay_port_ranges[application_id ~ '_start'] }}" +NEXTCLOUD_HPB_TURN_ONBOARD_RELAY_PORT_END: "{{ ports.public.relay_port_ranges[application_id ~ '_end' ] }}" +NEXTCLOUD_HPB_STUN_ONBOARD_CONFIG: "{{ NEXTCLOUD_HPB_DOMAIN }}:{{ NEXTCLOUD_HPB_TURN_ONBOARD_PORT }}" +NEXTCLOUD_HPB_TURN_ONBOARD_CONFIG: >- {{ { - 'server': NEXTCLOUD_TALK_DOMAIN ~ ':' ~ NEXTCLOUD_TALK_TURN_ONBOARD_PORT, - 'secret': NEXTCLOUD_TALK_TURN_ONBOARD_SECRET, - 'ttl': 86400, - 'protocols': 'udp,tcp' + 'server': NEXTCLOUD_HPB_DOMAIN ~ ':' ~ NEXTCLOUD_HPB_TURN_ONBOARD_PORT, + 'secret': NEXTCLOUD_HPB_TURN_ONBOARD_SECRET, + 'ttl': 86400, + 'protocols': 'udp,tcp' } }} #### Coturn (Standalone) -NEXTCLOUD_TALK_TURN_STANDALONE_ROLE: 'web-svc-coturn' -NEXTCLOUD_TALK_TURN_STANDALONE_PORT: "{{ ports.public.stun_turn[NEXTCLOUD_TALK_TURN_STANDALONE_ROLE] }}" -NEXTCLOUD_TALK_TURN_STANDALONE_SECRET: "{{ applications | get_app_conf(NEXTCLOUD_TALK_TURN_STANDALONE_ROLE, 'credentials.auth_secret') }}" -NEXTCLOUD_TALK_TURN_STANDALONE_ENABLED: "{{ applications | get_app_conf(application_id, 'docker.services.talk.turn_server.standalone_enabled') if NEXTCLOUD_TALK_PLUGIN_ENABLED else false }}" -NEXTCLOUD_TALK_TURN_STANDALONE_DOMAIN: "{{ domains | get_domain(NEXTCLOUD_TALK_TURN_STANDALONE_ROLE) }}" -NEXTCLOUD_TALK_STUN_STANDALONE_CONFIG: "{{ NEXTCLOUD_TALK_TURN_STANDALONE_DOMAIN }}:{{ NEXTCLOUD_TALK_TURN_STANDALONE_PORT }}" -NEXTCLOUD_TALK_TURN_STANDALONE_CONFIG: >- 
+NEXTCLOUD_HPB_TURN_STANDALONE_ROLE: 'web-svc-coturn' +NEXTCLOUD_HPB_TURN_STANDALONE_PORT: "{{ ports.public.stun_turn[NEXTCLOUD_HPB_TURN_STANDALONE_ROLE] }}" +NEXTCLOUD_HPB_TURN_STANDALONE_SECRET: "{{ applications | get_app_conf(NEXTCLOUD_HPB_TURN_STANDALONE_ROLE, 'credentials.auth_secret') }}" +NEXTCLOUD_HPB_TURN_STANDALONE_ENABLED: "{{ applications | get_app_conf(application_id, 'docker.services.talk.turn_server.standalone_enabled') if NEXTCLOUD_HPB_PLUGIN_ENABLED else false }}" +NEXTCLOUD_HPB_TURN_STANDALONE_DOMAIN: "{{ domains | get_domain(NEXTCLOUD_HPB_TURN_STANDALONE_ROLE) }}" +NEXTCLOUD_HPB_STUN_STANDALONE_CONFIG: "{{ NEXTCLOUD_HPB_TURN_STANDALONE_DOMAIN }}:{{ NEXTCLOUD_HPB_TURN_STANDALONE_PORT }}" +NEXTCLOUD_HPB_TURN_STANDALONE_CONFIG: >- {{ { - 'server': NEXTCLOUD_TALK_TURN_STANDALONE_DOMAIN ~ ':' ~ NEXTCLOUD_TALK_TURN_STANDALONE_PORT, - 'secret': NEXTCLOUD_TALK_TURN_STANDALONE_SECRET, - 'ttl': 86400, - 'protocols': 'udp,tcp' + 'server': NEXTCLOUD_HPB_TURN_STANDALONE_DOMAIN ~ ':' ~ NEXTCLOUD_HPB_TURN_STANDALONE_PORT, + 'secret': NEXTCLOUD_HPB_TURN_STANDALONE_SECRET, + 'ttl': 86400, + 'protocols': 'udp,tcp' } }} ### Whiteboard -NEXTCLOUD_WHITEBOARD_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.whiteboard.name') }}" -NEXTCLOUD_WHITEBOARD_IMAGE: "{{ applications | get_app_conf(application_id, 'docker.services.whiteboard.image') }}" -NEXTCLOUD_WHITEBOARD_VERSION: "{{ applications | get_app_conf(application_id, 'docker.services.whiteboard.version') }}" -NEXTCLOUD_WHITEBOARD_ENABLED: "{{ applications | get_app_conf(application_id, 'plugins.whiteboard.enabled') }}" +NEXTCLOUD_WHITEBOARD_SERVICE: "whiteboard" +NEXTCLOUD_WHITEBOARD_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_WHITEBOARD_SERVICE ~'.name') }}" +NEXTCLOUD_WHITEBOARD_IMAGE: "{{ applications | get_app_conf(application_id, 'docker.services.' 
~ NEXTCLOUD_WHITEBOARD_SERVICE ~'.image') }}" +NEXTCLOUD_WHITEBOARD_VERSION: "{{ applications | get_app_conf(application_id, 'docker.services.' ~ NEXTCLOUD_WHITEBOARD_SERVICE ~'.version') }}" +NEXTCLOUD_WHITEBOARD_ENABLED: "{{ applications | get_app_conf(application_id, 'plugins.' ~ NEXTCLOUD_WHITEBOARD_SERVICE ~'.enabled') }}" NEXTCLOUD_WHITEBOARD_PORT_INTERNAL: "3002" -NEXTCLOUD_WHITEBOARD_JWT: "{{ applications | get_app_conf(application_id, 'credentials.whiteboard_jwt_secret') }}" +NEXTCLOUD_WHITEBOARD_JWT: "{{ applications | get_app_conf(application_id, 'credentials.' ~ NEXTCLOUD_WHITEBOARD_SERVICE ~'_jwt_secret') }}" NEXTCLOUD_WHITEBOARD_LOCATION: "/whiteboard/" NEXTCLOUD_WHITEBOARD_URL: "{{ [ NEXTCLOUD_URL, NEXTCLOUD_WHITEBOARD_LOCATION ] | url_join }}" diff --git a/roles/web-app-nextcloud/vars/plugins/spreed.yml b/roles/web-app-nextcloud/vars/plugins/spreed.yml index 491aa92f..d041d44b 100644 --- a/roles/web-app-nextcloud/vars/plugins/spreed.yml +++ b/roles/web-app-nextcloud/vars/plugins/spreed.yml @@ -3,8 +3,8 @@ plugin_configuration: - appid: "spreed" configkey: "signaling_servers" configvalue: "{{ { - 'servers': [ { 'server': NEXTCLOUD_TALK_SIGNALING_URL, 'verify': True, 'alias': 'primary' } ], - 'secret': NEXTCLOUD_TALK_SIGNALING_SECRET + 'servers': [ { 'server': NEXTCLOUD_HPB_SIGNALING_URL, 'verify': True, 'alias': 'primary' } ], + 'secret': NEXTCLOUD_HPB_SIGNALING_SECRET } | to_json }}" # stun_servers: JSON array of strings @@ -13,8 +13,8 @@ plugin_configuration: configvalue: >- {{ [ - NEXTCLOUD_TALK_STUN_ONBOARD_CONFIG if NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED else none, - NEXTCLOUD_TALK_STUN_STANDALONE_CONFIG if NEXTCLOUD_TALK_TURN_STANDALONE_ENABLED else none + NEXTCLOUD_HPB_STUN_ONBOARD_CONFIG if NEXTCLOUD_HPB_TURN_ONBOARD_ENABLED else none, + NEXTCLOUD_HPB_STUN_STANDALONE_CONFIG if NEXTCLOUD_HPB_TURN_STANDALONE_ENABLED else none ] | select | list 
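Review bot: In vars/main.yml (hunk `@@ -45,78 +46,83 @@`) `NEXTCLOUD_HPB_TURN_STANDALONE_ENABLED` still reads the literal path `'docker.services.talk.turn_server.standalone_enabled'`, while the onboard flag next to it was switched to `'docker.services.' ~ NEXTCLOUD_HPB_SERVICE ~ '.turn_server.onboard_enabled'`; use `'docker.services.' ~ NEXTCLOUD_HPB_SERVICE ~ '.turn_server.standalone_enabled'` so both flags follow the same key. Separately, `NEXTCLOUD_WHITEBOARD_JWT` and `NEXTCLOUD_WHITEBOARD_ENABLED` now build `credentials.<service>_jwt_secret` and `plugins.<service>.enabled` from `NEXTCLOUD_WHITEBOARD_SERVICE`, which ties the secret lookup key and the plugin id to the compose service name. Renaming the service would change which credential is looked up, so those two keys are better kept as the literals `credentials.whiteboard_jwt_secret` and `plugins.whiteboard.enabled`.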
@@ -27,8 +27,8 @@ plugin_configuration: configvalue: >- {{ [ - NEXTCLOUD_TALK_TURN_ONBOARD_CONFIG if NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED else none, - NEXTCLOUD_TALK_TURN_STANDALONE_CONFIG if NEXTCLOUD_TALK_TURN_STANDALONE_ENABLED else none + NEXTCLOUD_HPB_TURN_ONBOARD_CONFIG if NEXTCLOUD_HPB_TURN_ONBOARD_ENABLED else none, + NEXTCLOUD_HPB_TURN_STANDALONE_CONFIG if NEXTCLOUD_HPB_TURN_STANDALONE_ENABLED else none ] | select | list @@ -38,4 +38,4 @@ plugin_configuration: # internal secret (plain string) - appid: "spreed" configkey: "internal_secret" - configvalue: "{{ NEXTCLOUD_TALK_INTERNAL_SECRET }}" + configvalue: "{{ NEXTCLOUD_HPB_INTERNAL_SECRET }}"