kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-10-10 10:48:10 +02:00
Code Issues Packages Projects Releases Wiki Activity

Nextcloud Talk integration cleanup: unify secrets and signaling config

Browse Source 
- Replace inline get_app_conf secrets in env.j2 with dedicated vars (TURN, signaling, internal)
- Correctly model signaling_servers as object {servers, secret} in spreed.yml
- Use UDP stun_turn port instead of TLS for transport=udp
- Add fallback logic for standalone Coturn role in main.yml
- Remove obsolete Greenlight section from BBB override

Ref: https://chatgpt.com/share/68d74e25-c068-800f-ae20-d0e34ac8ee12
This commit is contained in:
Kevin Veen-Birkenbach
2025-09-27 04:39:11 +02:00
parent 7405883b48
commit a044028e03
4 changed files with 25 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
roles/web-app-nextcloud/vars/main.yml
View File

@@ -59,11 +59,15 @@ NEXTCLOUD_CRON_CONTAINER: "{{ applications | get_app_conf(application_
### Talk
#### Service
_NEXTCLOUD_COTURN_STANDALONE_ROLE: 'web-svc-coturn'
NEXTCLOUD_TALK_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.talk.name') }}"
NEXTCLOUD_TALK_IMAGE: "{{ applications | get_app_conf(application_id, 'docker.services.talk.image') }}"
NEXTCLOUD_TALK_VERSION: "{{ applications | get_app_conf(application_id, 'docker.services.talk.version') }}"
NEXTCLOUD_TALK_PLUGIN_ENABLED: "{{ applications | get_app_conf(application_id, 'plugins.spreed.enabled') }}"
NEXTCLOUD_TALK_SERVICE_ENABLED: "{{ applications | get_app_conf(application_id, 'docker.services.talk.internal') if NEXTCLOUD_TALK_PLUGIN_ENABLED else false }}"
NEXTCLOUD_TALK_SERVICE_ENABLED: "{{ applications | get_app_conf(application_id, 'docker.services.talk.internal') if NEXTCLOUD_TALK_PLUGIN_ENABLED else false }}"
NEXTCLOUD_TALK_TURN_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.talk_turn_secret') if NEXTCLOUD_TALK_SERVICE_ENABLED else applications | get_app_conf(_NEXTCLOUD_COTURN_STANDALONE_ROLE, 'credentials.auth_secret') }}"
NEXTCLOUD_TALK_SIGNALING_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.talk_signaling_secret') }}"
NEXTCLOUD_TALK_INTERNAL_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.talk_internal_secret') }}"
NEXTCLOUD_TALK_LOCATION: "/standalone-signaling/"
NEXTCLOUD_TALK_PORT_INTERNAL: "8081"
NEXTCLOUD_TALK_INT_TURN_PORT: "3478"
@@ -73,9 +77,9 @@ NEXTCLOUD_TALK_RELAY_PORT_RANGE: "{{ NEXTCLOUD_TALK_RELAY_PORT_START }}-{{ NE
NEXTCLOUD_TALK_NETWORK_MODE: "{{ applications | get_app_conf(application_id, 'docker.services.talk.network_mode') }}"
# Connection
NEXTCLOUD_TALK_STUN_PORT: "{{ ports.public.stun_turn_tls[application_id] }}"
NEXTCLOUD_TALK_DOMAIN: "{{ NEXTCLOUD_DOMAIN }}"
NEXTCLOUD_TALK_URL: "{{ [ NEXTCLOUD_URL, NEXTCLOUD_TALK_LOCATION ] | url_join }}"
NEXTCLOUD_TALK_STUN_PORT: "{{ ports.public.stun_turn[application_id] if NEXTCLOUD_TALK_SERVICE_ENABLED else ports.public.stun_turn[_NEXTCLOUD_COTURN_STANDALONE_ROLE] }}"
NEXTCLOUD_TALK_DOMAIN: "{{ NEXTCLOUD_DOMAIN if NEXTCLOUD_TALK_SERVICE_ENABLED else (domains | get_domain(_NEXTCLOUD_COTURN_STANDALONE_ROLE)) }}"
NEXTCLOUD_TALK_SIGNALING_URL: "{{ [ NEXTCLOUD_URL, NEXTCLOUD_TALK_LOCATION ] | url_join }}"
### Whiteboard
NEXTCLOUD_WHITEBOARD_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.whiteboard.name') }}"