From 27d33435f8913299171c9c06e1bb3874b1fbaaa4 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Fri, 26 Sep 2025 18:53:21 +0200 Subject: [PATCH] fix(bbb): align TURN/STUN configuration with shared coturn service MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - added entity_name to vars for consistent docker.service lookup - switched docker_repository_* vars to use entity_name dynamically - introduced BBB_TURN_DOMAIN, BBB_TURN_PORT, and BBB_STUN_PORT → fallback to web-svc-coturn when BBB_COTURN_ENABLED is false - updated env.j2 to use new BBB_TURN_* vars instead of hardcoded domain/ports - cleaned up obsolete comments and spacing Conversation: https://chatgpt.com/share/68d6c4a8-d524-800f-9592-e8a3407cd721 --- roles/web-app-bigbluebutton/templates/env.j2 | 10 +++++----- roles/web-app-bigbluebutton/vars/main.yml | 11 +++++++++-- 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/roles/web-app-bigbluebutton/templates/env.j2 b/roles/web-app-bigbluebutton/templates/env.j2 index 45468fa3..d1d3e998 100644 --- a/roles/web-app-bigbluebutton/templates/env.j2 +++ b/roles/web-app-bigbluebutton/templates/env.j2 @@ -1,5 +1,7 @@ # Coturn ENABLE_COTURN={{ BBB_COTURN_ENABLED }} + +# Credentials COTURN_TLS_CERT_PATH={{ BBB_COTURN_TLS_CERT_PATH }} COTURN_TLS_KEY_PATH={{ BBB_COTURN_TLS_KEY_PATH }} @@ -49,12 +51,11 @@ EXTERNAL_IPv6={{ networks.internet.ip6 }} # STUN SERVER # stun.freeswitch.org -STUN_IP={{ networks.internet.ip4 }} -STUN_PORT={{ ports.public.stun[application_id] }} +STUN_IP={{ BBB_TURN_DOMAIN }} +STUN_PORT={{ BBB_STUN_PORT }} # TURN SERVER -# uncomment and adjust following two lines to add an external TURN server -TURN_SERVER=turns:{{ domain }}:{{ ports.public.turn[application_id] }}?transport=tcp +TURN_SERVER=turns:{{ BBB_TURN_DOMAIN }}:{{ BBB_TURN_PORT }}?transport=tcp TURN_SECRET={{ BBB_TURN_SECRET }} # Allowed SIP IPs 
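Review bot: In the `@@ -49,12 +51,11 @@` hunk of env.j2, `TURN_SERVER=turns:{{ BBB_TURN_DOMAIN }}:…` receives `networks.internet.ip4` whenever `BBB_COTURN_ENABLED` is true (see the `BBB_TURN_DOMAIN` definition this patch adds to vars/main.yml), where the removed line used `{{ domain }}`. A `turns:` URI that names an IP literal will normally not match the certificate at `BBB_COTURN_TLS_CERT_PATH`, so clients either fail TLS verification or have to relax name checking. I would keep a host name for the TURN URI, e.g. `BBB_TURN_DOMAIN: "{{ domain if BBB_COTURN_ENABLED else domains | get_domain('web-svc-coturn') }}"`, and feed `STUN_IP` from a separate variable that keeps the address. In the fallback branch `STUN_IP` now gets a host name instead of an address; whether the consumer of `STUN_IP` resolves names is not visible in this patch and should be confirmed.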
@@ -63,7 +64,6 @@ TURN_SECRET={{ BBB_TURN_SECRET }} # Hint: if you want to allow requests from every IP, you can use 0.0.0.0/0 SIP_IP_ALLOWLIST= - # ==================================== # CUSTOMIZATION # ==================================== diff --git a/roles/web-app-bigbluebutton/vars/main.yml b/roles/web-app-bigbluebutton/vars/main.yml index 535e2f72..23f646ea 100644 --- a/roles/web-app-bigbluebutton/vars/main.yml +++ b/roles/web-app-bigbluebutton/vars/main.yml @@ -1,5 +1,6 @@ # General application_id: "web-app-bigbluebutton" +entity_name: "{{ application_id | get_entity_name }}" # Database configuration database_type: "postgres" @@ -14,8 +15,8 @@ http_port: "{{ ports.localhost.http[application_id] } # Docker docker_compose_file_creation_enabled: false # Handled in this role -docker_repository_address: "{{ applications | get_app_conf(application_id, 'docker.services.bigbluebutton.repository') }}" -docker_repository_branch: "{{ applications | get_app_conf(application_id, 'docker.services.bigbluebutton.version') }}" +docker_repository_address: "{{ applications | get_app_conf(application_id, 'docker.services.' ~ entity_name ~ '.repository') }}" +docker_repository_branch: "{{ applications | get_app_conf(application_id, 'docker.services.' ~ entity_name ~ '.version') }}" docker_pull_git_repository: true # BigBlueButton 
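Review bot: In the `@@ -14,8 +15,8 @@` hunk of vars/main.yml, the repository address and branch that this role clones (`docker_pull_git_repository: true`) are now looked up under a key built from `entity_name`. They therefore depend on `get_entity_name` returning exactly the service key that was hard-coded before, `bigbluebutton`. That filter's output is not visible in this patch, and neither is how `get_app_conf` behaves on a missing path, so a mismatch may surface only at deploy time. A comment on the `entity_name` line added in the first hunk of this file would make the coupling explicit, e.g. `# must equal the key under docker.services (previously hard-coded as 'bigbluebutton')`.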
@@ -28,9 +29,15 @@ BBB_POSTGRESQL_SECRET: "{{ applications | get_app_conf(applicatio BBB_FSESL_PASSWORD: "{{ applications | get_app_conf(application_id, 'credentials.fsesl_password') }}" BBB_TURN_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.turn_secret') }}" +## TLS BBB_COTURN_TLS_CERT_PATH: "{{ [ LETSENCRYPT_LIVE_PATH, ssl_cert_folder, 'fullchain.pem'] | path_join }}" BBB_COTURN_TLS_KEY_PATH: "{{ [ LETSENCRYPT_LIVE_PATH, ssl_cert_folder, 'privkey.pem'] | path_join }}" +## Turn +BBB_TURN_DOMAIN: "{{ networks.internet.ip4 if BBB_COTURN_ENABLED else domains | get_domain('web-svc-coturn') }}" +BBB_TURN_PORT: "{{ ports.public.turn[application_id] if BBB_COTURN_ENABLED else ports.public.turn['web-svc-coturn'] }}" +BBB_STUN_PORT: "{{ ports.public.turn[application_id] if BBB_COTURN_ENABLED else ports.public.stun['web-svc-coturn'] }}" + ## Switchs ### Network
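Review bot: `BBB_STUN_PORT` reads `ports.public.turn[application_id]` in its enabled branch, although the env.j2 line this patch removes used `ports.public.stun[application_id]` and the fallback branch here uses `ports.public.stun['web-svc-coturn']`, so it looks like a copy of the `BBB_TURN_PORT` line above. If that is unintended, the line should read `BBB_STUN_PORT: "{{ ports.public.stun[application_id] if BBB_COTURN_ENABLED else ports.public.stun['web-svc-coturn'] }}"`; if STUN and TURN deliberately share one listener, a short comment saying so would prevent a later "fix". Separately, `BBB_TURN_SECRET` in the context lines is still read from this application's `credentials.turn_secret` even when the fallback points at web-svc-coturn. The shared service presumably has to hold the same secret for TURN authentication to succeed, so a comment should state where the two are kept in sync, or the fallback branch should read the secret from the shared service's credentials.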