kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-10-10 18:58:10 +02:00
Code Issues Packages Projects Releases Wiki Activity

Nextcloud Talk integration cleanup: unify secrets and signaling config

Browse Source 
- Replace inline get_app_conf secrets in env.j2 with dedicated vars (TURN, signaling, internal)
- Correctly model signaling_servers as object {servers, secret} in spreed.yml
- Use UDP stun_turn port instead of TLS for transport=udp
- Add fallback logic for standalone Coturn role in main.yml
- Remove obsolete Greenlight section from BBB override

Ref: https://chatgpt.com/share/68d74e25-c068-800f-ae20-d0e34ac8ee12
This commit is contained in:
Kevin Veen-Birkenbach
2025-09-27 04:39:11 +02:00
parent 7405883b48
commit a044028e03
4 changed files with 25 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
roles/web-app-nextcloud/templates/env.j2
View File

@@ -41,12 +41,11 @@ REDIS_PORT= 6379
{% if NEXTCLOUD_TALK_PLUGIN_ENABLED %}
# Talk Configuration
# @todo move it to an own env file for encapsulation reasons
NC_DOMAIN={{ NEXTCLOUD_DOMAIN }}
TALK_HOST={{ NEXTCLOUD_TALK_DOMAIN }}
TURN_SECRET={{ applications | get_app_conf(application_id, 'credentials.talk_turn_secret') }}
SIGNALING_SECRET={{ applications | get_app_conf(application_id, 'credentials.talk_signaling_secret') }}
INTERNAL_SECRET={{ applications | get_app_conf(application_id, 'credentials.talk_internal_secret') }}
TURN_SECRET={{ NEXTCLOUD_TALK_TURN_SECRET }}
SIGNALING_SECRET={{ NEXTCLOUD_TALK_SIGNALING_SECRET }}
INTERNAL_SECRET={{ NEXTCLOUD_TALK_INTERNAL_SECRET }}
TZ={{ HOST_TIMEZONE }}
TALK_PORT={{ NEXTCLOUD_TALK_INT_TURN_PORT }}
TURN_MIN_PORT={{ NEXTCLOUD_TALK_RELAY_PORT_START }}