mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-10-24 06:55:36 +00:00
bbb: WIP—stabilize env/compose wiring & prep SFU override
Context: debugging mediasoup/WebRTC failures caused by empty/interpolated vars (EXTERNAL_IPv4, etc.). - Normalize config/main.yml (ip6_enabled flag, enable greenlight/coturn) and tidy formatting. - Extend vars/main.yml with BBB_* switches (IPv6, Greenlight, Coturn), TURN/Coturn cert paths. - env.j2: wire secrets & toggles, guard IPv6 via BBB_IP6_ENABLED, switch LDAP/OIDC to role flags, add TURN/STUN, and general cleanup. - tasks/main.yml: use BBB_* fact names, robust path joins, write docker-compose.override.yml, and notify compose on env/override changes. - tasks/01_docker-compose.yml: reference new BBB_DOCKER_COMPOSE_* facts. - Add templates/docker-compose.override.yml.j2 (placeholder for SFU overrides to avoid bad defaults during runs). Rationale: make Compose brings deterministic (no empty ), paving the way to set MS_WEBRTC_LISTEN_IPS in override without risk. Chat reference: debugging thread with GPT-5 Thinking on 2025-09-26 https://chatgpt.com/share/68d59d98-4388-800f-a627-07b6a603d0b2.
This commit is contained in:
@@ -1,7 +1,9 @@
|
||||
ENABLE_COTURN=true
|
||||
COTURN_TLS_CERT_PATH={{ [ LETSENCRYPT_LIVE_PATH, ssl_cert_folder] | path_join }}/fullchain.pem
|
||||
COTURN_TLS_KEY_PATH={{ [ LETSENCRYPT_LIVE_PATH, ssl_cert_folder] | path_join }}/privkey.pem
|
||||
ENABLE_GREENLIGHT={{ applications | get_app_conf(application_id, 'enable_greenlight', True) }}
|
||||
# Coturn
|
||||
ENABLE_COTURN={{ BBB_COTURN_ENABLED }}
|
||||
COTURN_TLS_CERT_PATH={{ BBB_COTURN_TLS_CERT_PATH }}
|
||||
COTURN_TLS_KEY_PATH={{ BBB_COTURN_TLS_KEY_PATH }}
|
||||
|
||||
ENABLE_GREENLIGHT={{ BBB_GREENLIGHT_ENABLED }}
|
||||
|
||||
# Enable Webhooks
|
||||
# used by some integrations
|
||||
@@ -39,9 +41,9 @@ FSESL_PASSWORD={{ BBB_FSESL_PASSWORD }}
|
||||
|
||||
DOMAIN={{ domain }}
|
||||
|
||||
# IP
|
||||
EXTERNAL_IPv4={{ networks.internet.ip4 }}
|
||||
# The following line is not tested and could lead to bugs:
|
||||
EXTERNAL_IPv6={{ networks.internet.ip6 }}
|
||||
EXTERNAL_IPv6={{ networks.internet.ip6 if BBB_IP6_ENABLED else '' }}
|
||||
|
||||
# STUN SERVER
|
||||
# stun.freeswitch.org
|
||||
@@ -158,7 +160,7 @@ OFFICE365_HD=
|
||||
# It is useful for cases when Greenlight is deployed behind a Network Load Balancer or proxy
|
||||
OAUTH2_REDIRECT=
|
||||
|
||||
{% if applications | get_app_conf(application_id, 'features.ldap', False) %}
|
||||
{% if BBB_LDAP_ENABLED | bool %}
|
||||
# LDAP Login Provider (optional)
|
||||
#
|
||||
# You can enable LDAP authentication by providing values for the variables below.
|
||||
@@ -283,7 +285,7 @@ HELP_URL=https://docs.bigbluebutton.org/greenlight/gl-overview.html
|
||||
# approval - For approve/decline registration
|
||||
DEFAULT_REGISTRATION=invite
|
||||
|
||||
{% if applications | get_app_conf(application_id, 'features.oidc', False) %}
|
||||
{% if BBB_OIDC_ENABLED | bool %}
|
||||
### EXTERNAL AUTHENTICATION METHODS
|
||||
# @See https://docs.bigbluebutton.org/greenlight/v3/external-authentication/
|
||||
#
|
||||
|
Reference in New Issue
Block a user