feat(coturn): add dedicated web-svc-coturn role with schema, ports, network, and docker-compose template

- registered subnet 192.168.104.48/28 for coturn in group_vars/all/09_networks.yml
- defined public ports for stun/turn and relay port range in group_vars/all/10_ports.yml
- removed obsolete TODO.md and env.j2 from role
- added schema/main.yml with credentials validation (user_password, auth_secret)
- refactored tasks to load sys-stk-back-stateless instead of sys-stk-full-stateful
- implemented docker-compose.yml.j2 with auth-secret + lt-cred-mech and TLS config
- restructured vars/main.yml with docker, ports, credentials, and certificates
- updated config/main.yml.j2 with canonical domain and service definitions

Conversation: https://chatgpt.com/share/68d6c4a8-d524-800f-9592-e8a3407cd721
2025-09-26 18:52:13 +02:00
parent 63da669c33
commit 3cc4014edf
9 changed files with 96 additions and 50 deletions


@@ -1,2 +1,28 @@
application_id: "web-svc-coturn"
container_port: 3000
# General
application_id: "web-svc-coturn"
entity_name: "{{ application_id | get_entity_name }}"
domain: "{{ domains | get_domain(application_id) }}"
# Coturn
## Docker
COTURN_VERSION: "{{ applications | get_app_conf(application_id, 'docker.services.' ~ entity_name ~ '.version') }}"
COTURN_IMAGE: "{{ applications | get_app_conf(application_id, 'docker.services.' ~ entity_name ~ '.image') }}"
COTURN_VOLUME: "{{ entity_name }}"
COTURN_REALM: "{{ domain }}"
## Ports
COTURN_TURN_PORT: "{{ ports.public.turn[application_id] }}"
COTURN_STUN_PORT: "{{ ports.public.stun[application_id] }}"
COTURN_RELAY_PORT_START: "{{ ports.public.relay_port_ranges[application_id ~ '_start'] }}"
COTURN_RELAY_PORT_END: "{{ ports.public.relay_port_ranges[application_id ~ '_end' ] }}"
COTURN_RELAY_PORT_RANGE: "{{ COTURN_RELAY_PORT_START }}-{{ COTURN_RELAY_PORT_END }}"
## Credentials
COTURN_USER_NAME: "{{ applications | get_app_conf(application_id, 'credentials.user_name') }}"
COTURN_USER_PASSWORD: "{{ applications | get_app_conf(application_id, 'credentials.user_password') }}"
COTURN_STATIC_AUTH_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.auth_secret') }}"
## Certificates
COTURN_TLS_CERT_PATH: "{{ [ LETSENCRYPT_LIVE_PATH, ssl_cert_folder, 'fullchain.pem' ] | path_join }}"
COTURN_TLS_KEY_PATH: "{{ [ LETSENCRYPT_LIVE_PATH, ssl_cert_folder, 'privkey.pem' ] | path_join }}"
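Review bot: `COTURN_USER_PASSWORD` and `COTURN_STATIC_AUTH_SECRET` are both resolved under `## Credentials`, but nothing says which authentication mode each one feeds. The commit message says the compose template enables auth-secret together with lt-cred-mech, while coturn's sample configuration advises using only one of the two, because they validate usernames and passwords differently. If the static user is a deliberate fallback, a comment above `COTURN_USER_NAME` such as `# static long-term user; confirm it is still honoured when auth_secret is set` would record that; otherwise one of the two lookups should be dropped. The template is not shown in this section, so check there that neither secret is rendered into the container command line, where `docker inspect` and the host process list would expose it. Also confirm that the container user can read the `privkey.pem` behind `COTURN_TLS_KEY_PATH` without the key's permissions being widened.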