- Introduced `COTURN_NETWORK_MODE` to support both host and bridge modes
- Updated docker-compose template to skip port publishing in host mode
- Changed user_password credential algorithm to random_hex for stronger randomness
- Set default network_mode: host in config
Ref: https://chatgpt.com/share/68d72a50-c36c-800f-9367-32c4ae520000
- Set CPU, memory reservation/limit, and PID limit for coturn
- Ensure docker_compose_file_creation_enabled and disable git repo pulling
- Move certificate mounts to volumes and fix env var interpolation in command
- Correct realm and user formatting
See: https://chatgpt.com/share/66f65f18-799c-800a-95f4-b6b26511e9cb
- Split internal/external Coturn for BBB and Nextcloud
- Added dedicated relay port ranges per app
- Updated env and compose overrides for coturn
- Ensure coturn role is loaded conditionally
- Standardize credential/env passing for coturn
@Seehttps://chatgpt.com/share/68d6f376-4878-800f-b4f7-62822caa49ea
- registered subnet 192.168.104.48/28 for coturn in group_vars/all/09_networks.yml
- defined public ports for stun/turn and relay port range in group_vars/all/10_ports.yml
- removed obsolete TODO.md and env.j2 from role
- added schema/main.yml with credentials validation (user_password, auth_secret)
- refactored tasks to load sys-stk-back-stateless instead of sys-stk-full-stateful
- implemented docker-compose.yml.j2 with auth-secret + lt-cred-mech and TLS config
- restructured vars/main.yml with docker, ports, credentials, and certificates
- updated config/main.yml.j2 with canonical domain and service definitions
Conversation: https://chatgpt.com/share/68d6c4a8-d524-800f-9592-e8a3407cd721
