mirror of
				https://github.com/kevinveenbirkenbach/computer-playbook.git
				synced 2025-10-31 10:19:09 +00:00 
			
		
		
		
	Optimized Nextcloud variables
This commit is contained in:
		| @@ -51,8 +51,10 @@ docker: | ||||
|       version:            "latest" | ||||
|       backup: | ||||
|         no_stop_required: false | ||||
|       internal:           true | ||||
|       network_mode:       host | ||||
|       turn_server: | ||||
|         onboard_enabled:    true | ||||
|         standalone_enabled: true | ||||
|       network_mode:         host | ||||
|     whiteboard: | ||||
|       name:               "nextcloud-whiteboard" | ||||
|       image:              "ghcr.io/nextcloud-releases/whiteboard" | ||||
|   | ||||
| @@ -33,5 +33,5 @@ | ||||
| - name: create internal nextcloud nginx configuration | ||||
|   template: | ||||
|     src:  "nginx/docker.conf.j2"  | ||||
|     dest: "{{ [docker_compose.directories.volumes, 'nginx.conf'] | path_join }}" | ||||
|     dest: "{{ NEXTCLOUD_HOST_NGINX_SRC }}" | ||||
|   notify: restart nextcloud nginx service | ||||
|   | ||||
| @@ -35,5 +35,3 @@ | ||||
|     plugin_key:   "{{ plugin_item.key }}" | ||||
|     plugin_value: "{{ plugin_item.value }}" | ||||
|   when: NEXTCLOUD_PLUGINS_ENABLED | ||||
|  | ||||
|  | ||||
|   | ||||
| @@ -5,3 +5,4 @@ | ||||
|     flush_handlers: true | ||||
|   when:     | ||||
|     - run_once_web_svc_coturn is not defined | ||||
|     - NEXTCLOUD_TALK_TURN_STANDALONE_ENABLED | bool | ||||
|   | ||||
| @@ -5,7 +5,7 @@ | ||||
| return 'turn_servers' => [ | ||||
|     [ | ||||
|         'host' => 'coturn', | ||||
|         'port' => 3478, | ||||
|         'port' => {{ NEXTCLOUD_TALK_TURN_ONBOARD_STUN_PORT }}, | ||||
|         'secret' => 'my-secret-key', | ||||
|         'protocols' => 'udp,tcp' | ||||
|     ] | ||||
|   | ||||
| @@ -7,9 +7,9 @@ | ||||
|       driver: journald | ||||
|     restart: {{ DOCKER_RESTART_POLICY }} | ||||
|     ports: | ||||
|       - "127.0.0.1:{{ ports.localhost.http[application_id] }}:{{ container_port }}" | ||||
|       - "127.0.0.1:{{ NEXTCLOUD_PORT }}:{{ container_port }}" | ||||
|     volumes: | ||||
|         - "{{ docker_compose.directories.volumes }}nginx.conf:/etc/nginx/nginx.conf:ro" | ||||
|         - "{{ NEXTCLOUD_HOST_NGINX_SRC }}:/etc/nginx/nginx.conf:ro" | ||||
|     volumes_from: | ||||
|       - application | ||||
| {% include 'roles/docker-container/templates/healthcheck/curl.yml.j2'  %} | ||||
| @@ -37,9 +37,9 @@ | ||||
| {% include 'roles/docker-container/templates/networks.yml.j2' %} | ||||
|         ipv4_address: 192.168.102.69 | ||||
|  | ||||
| {% if NEXTCLOUD_TALK_SERVICE_ENABLED %} | ||||
| {% if NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED | bool %} | ||||
|   talk: | ||||
| {% set container_port = NEXTCLOUD_TALK_PORT_INTERNAL %} | ||||
| {% set container_port = NEXTCLOUD_TALK_SIGNALING_PORT %} | ||||
| {% include 'roles/docker-container/templates/base.yml.j2' %} | ||||
| {% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %} | ||||
|     image: "{{ NEXTCLOUD_TALK_IMAGE }}:{{ NEXTCLOUD_TALK_VERSION }}" | ||||
| @@ -48,9 +48,9 @@ | ||||
|     network_mode: {{ NEXTCLOUD_TALK_NETWORK_MODE }} | ||||
| {% if NEXTCLOUD_TALK_NETWORK_MODE == 'bridge' %} | ||||
|     ports: | ||||
|       - {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_STUN_PORT }}:{{ NEXTCLOUD_TALK_INT_TURN_PORT }}/tcp | ||||
|       - {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_STUN_PORT }}:{{ NEXTCLOUD_TALK_INT_TURN_PORT }}/udp | ||||
|       - {{ NEXTCLOUD_TALK_RELAY_PORT_RANGE }}:{{ NEXTCLOUD_TALK_RELAY_PORT_RANGE }}/udp | ||||
|       - {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_STUN_PORT }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_STUN_PORT }}/tcp | ||||
|       - {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_STUN_PORT }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_STUN_PORT }}/udp | ||||
|       - {{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_RANGE }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_RANGE }}/udp | ||||
|     expose: | ||||
|       - "{{ container_port }}" | ||||
|     networks: | ||||
|   | ||||
| @@ -24,7 +24,7 @@ MAIL_FROM_ADDRESS=              "{{ users['no-reply'].username }}" | ||||
| MAIL_DOMAIN=                    "{{ SYSTEM_EMAIL.DOMAIN }}" | ||||
|  | ||||
| # Initial Admin Data | ||||
| NEXTCLOUD_ADMIN_USER=           "{{ NEXTCLOUD_ADMINISTRATOR_USER }}" | ||||
| NEXTCLOUD_ADMIN_USER=           "{{ NEXTCLOUD_ADMINISTRATOR_USERNAME }}" | ||||
| NEXTCLOUD_ADMIN_PASSWORD=       "{{ NEXTCLOUD_ADMINISTRATOR_PASSWORD }}" | ||||
|  | ||||
| # Security | ||||
| @@ -43,15 +43,15 @@ REDIS_PORT=                     6379 | ||||
| # Talk Configuration | ||||
| NC_DOMAIN={{ NEXTCLOUD_DOMAIN }} | ||||
| TALK_HOST={{ NEXTCLOUD_TALK_DOMAIN }} | ||||
| TURN_SECRET={{ NEXTCLOUD_TALK_TURN_SECRET }} | ||||
| TURN_SECRET={{ NEXTCLOUD_TALK_TURN_ONBOARD_SECRET }} | ||||
| SIGNALING_SECRET={{ NEXTCLOUD_TALK_SIGNALING_SECRET }} | ||||
| INTERNAL_SECRET={{ NEXTCLOUD_TALK_INTERNAL_SECRET }} | ||||
| TZ={{ HOST_TIMEZONE }} | ||||
| TALK_PORT={{ NEXTCLOUD_TALK_INT_TURN_PORT }} | ||||
| TURN_MIN_PORT={{ NEXTCLOUD_TALK_RELAY_PORT_START }} | ||||
| TURN_MAX_PORT={{ NEXTCLOUD_TALK_RELAY_PORT_END }} | ||||
| COTURN_MIN_PORT={{ NEXTCLOUD_TALK_RELAY_PORT_START }} | ||||
| COTURN_MAX_PORT={{ NEXTCLOUD_TALK_RELAY_PORT_END }} | ||||
| TALK_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_STUN_PORT }} | ||||
| TURN_MIN_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_START }} | ||||
| TURN_MAX_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_END }} | ||||
| COTURN_MIN_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_START }} | ||||
| COTURN_MAX_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_END }} | ||||
| {% endif %} | ||||
|  | ||||
| {% if NEXTCLOUD_WHITEBOARD_ENABLED %} | ||||
|   | ||||
| @@ -190,12 +190,12 @@ http { | ||||
|             proxy_read_timeout 3600; | ||||
|         } | ||||
|  | ||||
| {% if NEXTCLOUD_TALK_SERVICE_ENABLED %} | ||||
|         location {{ NEXTCLOUD_TALK_LOCATION }} { | ||||
| {% if NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED | bool %} | ||||
|         location {{ NEXTCLOUD_TALK_SIGNALING_LOCATION }} { | ||||
| {% if NEXTCLOUD_TALK_NETWORK_MODE == 'host' %} | ||||
|             proxy_pass http://host.docker.internal:{{ NEXTCLOUD_TALK_PORT_INTERNAL }}/; | ||||
|             proxy_pass http://host.docker.internal:{{ NEXTCLOUD_TALK_SIGNALING_PORT }}/; | ||||
| {% else %} | ||||
|             proxy_pass http://talk:{{ NEXTCLOUD_TALK_PORT_INTERNAL }}/; | ||||
|             proxy_pass http://talk:{{ NEXTCLOUD_TALK_SIGNALING_PORT }}/; | ||||
| {% endif %} | ||||
|             proxy_http_version 1.1; | ||||
|             proxy_set_header   Host              $host; | ||||
|   | ||||
| @@ -8,16 +8,15 @@ database_password:                  "{{ applications | get_app_conf(application_ | ||||
| database_type:                      "mariadb"                                                                                   # Database flavor | ||||
|  | ||||
| # Nextcloud  | ||||
|  | ||||
| ## General  | ||||
| NEXTCLOUD_DOMAIN:                   "{{ domains | get_domain(application_id) }}" | ||||
| NEXTCLOUD_PORT:                     "{{ ports.localhost.http[application_id] }}" | ||||
| NEXTCLOUD_URL:                      "{{ domains | get_url(application_id, WEB_PROTOCOL) }}" | ||||
|  | ||||
| NEXTCLOUD_PLUGINS_ENABLED:          "{{ applications | get_app_conf(application_id, 'plugins_enabled') }}" | ||||
| NEXTCLOUD_ADMINISTRATOR_USERNAME:   "{{ applications | get_app_conf(application_id, 'users.administrator.username') }}" | ||||
|  | ||||
| ## Plugins | ||||
| NEXTCLOUD_PLUGIN_ITEMS:             "{{ applications | get_app_conf(application_id, 'plugins') | dict2items }}" | ||||
| NEXTCLOUD_PLUGINS_ENABLED:          "{{ applications | get_app_conf(application_id, 'plugins_enabled') }}" | ||||
|  | ||||
| ## Paths | ||||
|  | ||||
| @@ -25,6 +24,7 @@ NEXTCLOUD_PLUGIN_ITEMS:             "{{ applications | get_app_conf(application_ | ||||
| NEXTCLOUD_HOST_CONF_ADD_PATH:       "{{ [ docker_compose.directories.volumes, 'infinito' ] | path_join }}"              # This folder is the path to which the additive configurations will be copied | ||||
| NEXTCLOUD_HOST_INCL_PATH:           "{{ [ docker_compose.directories.volumes, 'includes.php' ] | path_join }}"          # Path to the instruction file on the host. Responsible for loading the additional configurations | ||||
| NEXTCLOUD_HOST_NGINX_PATH:          "{{ [ NGINX.DIRECTORIES.HTTP.SERVERS, NEXTCLOUD_DOMAIN ~ '.conf' ] | path_join }}"  # Nginx path for proxy conf | ||||
| NEXTCLOUD_HOST_NGINX_SRC:           "{{ [ docker_compose.directories.volumes, 'nginx.conf' ] | path_join }}"  | ||||
|  | ||||
| ## Control Node | ||||
| NEXTCLOUD_CNODE_PLUGIN_VARS_PATH:   "{{ [role_path, 'vars/plugins/'] | path_join }}"                                 # Folder in which the files for the plugin configuration are stored | ||||
| @@ -38,8 +38,8 @@ NEXTCLOUD_DOCKER_CONF_ADD_PATH:     "{{ [ NEXTCLOUD_DOCKER_CONF_DIRECTORY, 'infi | ||||
| NEXTCLOUD_DOCKER_INCL_PATH:         "/tmp/includes.php"                                                   # Path to the temporary file which will be included to the config.php to load the additional configurations | ||||
|  | ||||
| ## Administrator | ||||
| NEXTCLOUD_ADMINISTRATOR_USER:       "{{ applications | get_app_conf(application_id, 'users.administrator.username') }}" | ||||
| NEXTCLOUD_ADMINISTRATOR_PASSWORD:   "{{ applications | get_app_conf(application_id, 'credentials.administrator_password') }}" | ||||
| NEXTCLOUD_ADMINISTRATOR_USERNAME:   "{{ applications | get_app_conf(application_id, 'users.administrator.username') }}" | ||||
|  | ||||
| ## Docker | ||||
|  | ||||
| @@ -57,29 +57,37 @@ NEXTCLOUD_PROXY_VERSION:            "{{ applications | get_app_conf(application_ | ||||
| ### Cron | ||||
| NEXTCLOUD_CRON_CONTAINER:           "{{ applications | get_app_conf(application_id, 'docker.services.cron.name') }}" | ||||
|  | ||||
| ### Talk  | ||||
| #### Service | ||||
| _NEXTCLOUD_COTURN_STANDALONE_ROLE: 'web-svc-coturn' | ||||
| NEXTCLOUD_TALK_CONTAINER:           "{{ applications | get_app_conf(application_id, 'docker.services.talk.name') }}" | ||||
| NEXTCLOUD_TALK_IMAGE:               "{{ applications | get_app_conf(application_id, 'docker.services.talk.image') }}" | ||||
| NEXTCLOUD_TALK_VERSION:             "{{ applications | get_app_conf(application_id, 'docker.services.talk.version') }}" | ||||
| NEXTCLOUD_TALK_PLUGIN_ENABLED:      "{{ applications | get_app_conf(application_id, 'plugins.spreed.enabled') }}" | ||||
| NEXTCLOUD_TALK_SERVICE_ENABLED:     "{{ applications | get_app_conf(application_id, 'docker.services.talk.internal')  if NEXTCLOUD_TALK_PLUGIN_ENABLED  else false }}" | ||||
| NEXTCLOUD_TALK_TURN_SECRET:         "{{ applications | get_app_conf(application_id, 'credentials.talk_turn_secret')   if NEXTCLOUD_TALK_SERVICE_ENABLED else applications | get_app_conf(_NEXTCLOUD_COTURN_STANDALONE_ROLE, 'credentials.auth_secret') }}" | ||||
| NEXTCLOUD_TALK_SIGNALING_SECRET:    "{{ applications | get_app_conf(application_id, 'credentials.talk_signaling_secret') }}" | ||||
| NEXTCLOUD_TALK_INTERNAL_SECRET:     "{{ applications | get_app_conf(application_id, 'credentials.talk_internal_secret') }}" | ||||
| NEXTCLOUD_TALK_LOCATION:            "/standalone-signaling/" | ||||
| NEXTCLOUD_TALK_PORT_INTERNAL:       "8081" | ||||
| NEXTCLOUD_TALK_INT_TURN_PORT:       "3478" | ||||
| NEXTCLOUD_TALK_RELAY_PORT_START:    "{{ ports.public.relay_port_ranges[application_id ~ '_start'] }}" | ||||
| NEXTCLOUD_TALK_RELAY_PORT_END:      "{{ ports.public.relay_port_ranges[application_id ~ '_end'  ] }}" | ||||
| NEXTCLOUD_TALK_RELAY_PORT_RANGE:    "{{ NEXTCLOUD_TALK_RELAY_PORT_START }}-{{ NEXTCLOUD_TALK_RELAY_PORT_END }}" | ||||
| NEXTCLOUD_TALK_NETWORK_MODE:        "{{ applications | get_app_conf(application_id, 'docker.services.talk.network_mode') }}" | ||||
| ### Talk | ||||
|  | ||||
| # Connection | ||||
| NEXTCLOUD_TALK_STUN_PORT:           "{{ ports.public.stun_turn[application_id] if NEXTCLOUD_TALK_SERVICE_ENABLED else ports.public.stun_turn[_NEXTCLOUD_COTURN_STANDALONE_ROLE] }}" | ||||
| NEXTCLOUD_TALK_DOMAIN:              "{{ NEXTCLOUD_DOMAIN if NEXTCLOUD_TALK_SERVICE_ENABLED else (domains | get_domain(_NEXTCLOUD_COTURN_STANDALONE_ROLE)) }}" | ||||
| NEXTCLOUD_TALK_SIGNALING_URL:       "{{ [ NEXTCLOUD_URL, NEXTCLOUD_TALK_LOCATION ] | url_join }}" | ||||
| #### General | ||||
| NEXTCLOUD_TALK_CONTAINER:             "{{ applications | get_app_conf(application_id, 'docker.services.talk.name') }}" | ||||
| NEXTCLOUD_TALK_IMAGE:                 "{{ applications | get_app_conf(application_id, 'docker.services.talk.image') }}" | ||||
| NEXTCLOUD_TALK_VERSION:               "{{ applications | get_app_conf(application_id, 'docker.services.talk.version') }}" | ||||
| NEXTCLOUD_TALK_PLUGIN_ENABLED:        "{{ applications | get_app_conf(application_id, 'plugins.spreed.enabled') }}" | ||||
| NEXTCLOUD_TALK_NETWORK_MODE:          "{{ applications | get_app_conf(application_id, 'docker.services.talk.network_mode') }}" | ||||
| NEXTCLOUD_TALK_INTERNAL_SECRET:       "{{ applications | get_app_conf(application_id, 'credentials.talk_internal_secret') }}" | ||||
| NEXTCLOUD_TALK_DOMAIN:                "{{ NEXTCLOUD_DOMAIN if NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED else (domains | get_domain(NEXTCLOUD_TALK_TURN_STANDALONE_ROLE)) }}" | ||||
|  | ||||
| #### Signaling | ||||
| NEXTCLOUD_TALK_SIGNALING_SECRET:      "{{ applications | get_app_conf(application_id, 'credentials.talk_signaling_secret') }}" | ||||
| NEXTCLOUD_TALK_SIGNALING_LOCATION:    "/standalone-signaling/" | ||||
| NEXTCLOUD_TALK_SIGNALING_PORT:        "8081" | ||||
| NEXTCLOUD_TALK_SIGNALING_URL:         "{{ [ NEXTCLOUD_URL, NEXTCLOUD_TALK_SIGNALING_LOCATION ] | url_join }}" | ||||
|  | ||||
| #### Turn (Onboard) | ||||
| NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED:          "{{ applications | get_app_conf(application_id, 'docker.services.talk.turn_server.onboard_enabled') if NEXTCLOUD_TALK_PLUGIN_ENABLED  else false }}" | ||||
| NEXTCLOUD_TALK_TURN_ONBOARD_SECRET:           "{{ applications | get_app_conf(application_id, 'credentials.talk_turn_secret') if NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED else applications | get_app_conf(NEXTCLOUD_TALK_TURN_STANDALONE_ROLE, 'credentials.auth_secret') }}" | ||||
| NEXTCLOUD_TALK_TURN_ONBOARD_STUN_PORT:        "{{ ports.public.stun_turn[application_id] }}" | ||||
| NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_START: "{{ ports.public.relay_port_ranges[application_id ~ '_start'] }}" | ||||
| NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_END:   "{{ ports.public.relay_port_ranges[application_id ~ '_end'  ] }}" | ||||
| NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_RANGE: "{{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_START }}-{{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_END }}" | ||||
|  | ||||
| #### Stun | ||||
| NEXTCLOUD_TALK_STUN_PORT:                     "{{ ports.public.stun_turn[application_id] if NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED else ports.public.stun_turn[NEXTCLOUD_TALK_TURN_STANDALONE_ROLE] }}" | ||||
|  | ||||
| #### Coturn (Standalone) | ||||
| NEXTCLOUD_TALK_TURN_STANDALONE_ROLE:          'web-svc-coturn' | ||||
| NEXTCLOUD_TALK_TURN_STANDALONE_ENABLED:       "{{ applications | get_app_conf(application_id, 'docker.services.talk.turn_server.standalone_enabled') if NEXTCLOUD_TALK_PLUGIN_ENABLED  else false }}" | ||||
|  | ||||
| ### Whiteboard | ||||
| NEXTCLOUD_WHITEBOARD_CONTAINER:     "{{ applications | get_app_conf(application_id, 'docker.services.whiteboard.name') }}" | ||||
|   | ||||
| @@ -20,7 +20,7 @@ plugin_configuration: | ||||
|     configvalue: "{{ [ | ||||
|         { | ||||
|           'server': NEXTCLOUD_TALK_DOMAIN ~ ':' ~ NEXTCLOUD_TALK_STUN_PORT ~ '?transport=udp', | ||||
|           'secret': NEXTCLOUD_TALK_TURN_SECRET, | ||||
|           'secret': NEXTCLOUD_TALK_TURN_ONBOARD_SECRET, | ||||
|           'ttl': 86400, | ||||
|           'protocols': 'udp,tcp' | ||||
|         } | ||||
|   | ||||
		Reference in New Issue
	
	Block a user