feat(coturn): add dedicated web-svc-coturn role with schema, ports, network, and docker-compose template

- registered subnet 192.168.104.48/28 for coturn in group_vars/all/09_networks.yml - defined public ports for stun/turn and relay port range in group_vars/all/10_ports.yml - removed obsolete TODO.md and env.j2 from role - added schema/main.yml with credentials validation (user_password, auth_secret) - refactored tasks to load sys-stk-back-stateless instead of sys-stk-full-stateful - implemented docker-compose.yml.j2 with auth-secret + lt-cred-mech and TLS config - restructured vars/main.yml with docker, ports, credentials, and certificates - updated config/main.yml.j2 with canonical domain and service definitions Conversation: https://chatgpt.com/share/68d6c4a8-d524-800f-9592-e8a3407cd721
2025-10-10 02:38:10 +02:00 · 2025-09-26 18:52:13 +02:00
parent 63da669c33
commit 3cc4014edf
9 changed files with 96 additions and 50 deletions
--- a/group_vars/all/09_networks.yml
+++ b/group_vars/all/09_networks.yml
@@ -110,6 +110,8 @@ defaults_networks:
      subnet: 192.168.104.16/28
    web-app-minio:
      subnet: 192.168.104.32/28
+    web-svc-coturn:
+      subnet: 192.168.104.48/28

    # /24 Networks / 254 Usable Clients
    web-app-bigbluebutton:
--- a/group_vars/all/10_ports.yml
+++ b/group_vars/all/10_ports.yml
@@ -84,16 +84,22 @@ ports:
  public:
    # The following ports should be changed to 22 on the subdomain via stream mapping
    ssh:
-      web-app-gitea: 2201
-      web-app-gitlab: 2202
+      web-app-gitea:          2201
+      web-app-gitlab:         2202
    ldaps:
-      svc-db-openldap: 636
+      svc-db-openldap:        636
    stun:
-      web-app-bigbluebutton: 3478    # Not sure if it's right placed here or if it should be moved to localhost section
-      # Occupied by BBB:     3479
-      web-app-nextcloud:     3480
+      web-app-bigbluebutton:  3478  # Not sure if it's right placed here or if it should be moved to localhost section
+      # Occupied by BBB:      3479
+      web-app-nextcloud:      3480
+      web-app-coturn:         3481
    turn:
-      web-app-bigbluebutton: 5349    # Not sure if it's right placed here or if it should be moved to localhost section
-      web-app-nextcloud:     5350        # Not used yet
+      web-app-bigbluebutton:  5349  # Not sure if it's right placed here or if it should be moved to localhost section
+      web-app-nextcloud:      5350  # Not used yet
+      web-app-coturn:         5351
    federation:
      web-app-matrix_synapse: 8448
+    relay_port_ranges:
+      web-app-coturn_start:   49152
+      web-app-coturn_end:     65535
+