mirror of
				https://github.com/kevinveenbirkenbach/computer-playbook.git
				synced 2025-10-31 18:29:21 +00:00 
			
		
		
		
	web-svc-coturn: Add resource limits and fix docker-compose template
- Set CPU, memory reservation/limit, and PID limit for coturn - Ensure docker_compose_file_creation_enabled and disable git repo pulling - Move certificate mounts to volumes and fix env var interpolation in command - Correct realm and user formatting See: https://chatgpt.com/share/66f65f18-799c-800a-95f4-b6b26511e9cb
This commit is contained in:
		| @@ -6,8 +6,12 @@ server: | ||||
| docker: | ||||
|   services: | ||||
|     coturn: | ||||
|       image:    "coturn/coturn" | ||||
|       version:  "latest" | ||||
|       image:            "coturn/coturn" | ||||
|       version:          "latest" | ||||
|       cpus:             1.0 | ||||
|       mem_reservation:  512m | ||||
|       mem_limit:        1g | ||||
|       pids_limit:       256 | ||||
|     redis: | ||||
|       enabled:  false | ||||
|     database:  | ||||
|   | ||||
| @@ -1,3 +1,6 @@ | ||||
| - name: "Load 'sys-stk-semi-stateless' for '{{ application_id }}'" | ||||
|   include_role: | ||||
|     name: sys-stk-semi-stateless | ||||
|     name: sys-stk-semi-stateless | ||||
|   vars: | ||||
|     docker_compose_file_creation_enabled: true | ||||
|     docker_pull_git_repository:           false | ||||
| @@ -4,26 +4,26 @@ | ||||
| {% include 'roles/docker-container/templates/base.yml.j2' %} | ||||
|     image: {{ COTURN_IMAGE }}:{{ COTURN_VERSION }} | ||||
|     container_name: {{ COTURN_VOLUME }} | ||||
|     {% include 'roles/docker-container/templates/base.yml.j2' %} | ||||
|     ports: | ||||
|       - "{{ COTURN_TURN_PORT }}:{{ COTURN_TURN_PORT }}/udp" | ||||
|       - "{{ COTURN_TURN_PORT }}:{{ COTURN_TURN_PORT }}/tcp" | ||||
|       - "{{ COTURN_STUN_PORT }}:{{ COTURN_STUN_PORT }}/tcp" | ||||
|       - "{{ COTURN_STUN_PORT }}:{{ COTURN_STUN_PORT }}/udp" | ||||
|       - "{{ COTURN_RELAY_PORT_RANGE }}/udp" | ||||
|     volumes: | ||||
|       - "{{ COTURN_TLS_CERT_PATH }}:{{ COTURN_TLS_CERT_PATH }}:ro" | ||||
|       - "{{ COTURN_TLS_KEY_PATH }}:{{ COTURN_TLS_KEY_PATH }}:ro" | ||||
|     command: > | ||||
|       --use-auth-secret | ||||
|       --static-auth-secret=${ COTURN_STATIC_AUTH_SECRET } | ||||
|       --static-auth-secret="${COTURN_STATIC_AUTH_SECRET}" | ||||
|       --lt-cred-mech | ||||
|       --user=${ COTURN_USER_NAME }:${ COTURN_USER_PASSWORD } | ||||
|       --user="${COTURN_USER_NAME}:${COTURN_USER_PASSWORD}" | ||||
|       --log-file=stdout | ||||
|       --external-ip={{ networks.internet.ip4 }} | ||||
| {% if networks.internet.ip6|default('') %} | ||||
|       --external-ip={{ networks.internet.ip6 }} | ||||
| {% endif %} | ||||
|       --realm=${ COTURN_REALM } | ||||
|       --realm="${COTURN_REALM}" | ||||
|       --fingerprint | ||||
|       --total-quota=100 | ||||
|       --stale-nonce | ||||
|   | ||||
		Reference in New Issue
	
	Block a user