mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-11-18 19:16:27 +00:00
Compare commits
6 Commits
7405883b48
...
75d476267e
| Author | SHA1 | Date | |
|---|---|---|---|
| 75d476267e | |||
| c3e5db7f2e | |||
| dfd2d243b7 | |||
| 78ad2ea4b6 | |||
| c362e160fc | |||
| a044028e03 |
@@ -26,6 +26,10 @@ docker:
|
||||
bigbluebutton:
|
||||
repository: "https://github.com/kevinveenbirkenbach/bigbluebutton-docker.git"
|
||||
version: "bbb3.0"
|
||||
recording:
|
||||
enabled: true # Enable recordings of sessions
|
||||
cleanup: true # Auto-Cleanup Recordings
|
||||
max_age_days: 30 # Cleanup recording after this amount of days
|
||||
database:
|
||||
# This is set to true to pass integration test, doesn't have any other function
|
||||
enabled: true
|
||||
|
||||
@@ -29,11 +29,6 @@ services:
|
||||
--cert=${COTURN_TLS_CERT_PATH}
|
||||
--pkey=${COTURN_TLS_KEY_PATH}
|
||||
{% endif %}
|
||||
{% if BBB_GREENLIGHT_ENABLED | bool %}
|
||||
greenlight:
|
||||
{% set container_port = 3000 %}
|
||||
{% include 'roles/docker-container/templates/healthcheck/nc.yml.j2' %}
|
||||
{% endif %}
|
||||
{% if BBB_COLLABORA_ENABLED | bool %}
|
||||
bbb-web:
|
||||
depends_on:
|
||||
|
||||
@@ -22,14 +22,9 @@ ENABLE_GREENLIGHT={{ BBB_GREENLIGHT_ENABLED | lower }}
|
||||
#ENABLE_PROMETHEUS_EXPORTER_OPTIMIZATION=true
|
||||
|
||||
# Recording
|
||||
# IMPORTANT: this is currently a big privacy issues, because it will
|
||||
# record everything which happens in the conference, even when the button
|
||||
# suggets, that it does not.
|
||||
# https://github.com/bigbluebutton/bigbluebutton/issues/9202
|
||||
# make sure that you get peoples consent, before they join a room
|
||||
ENABLE_RECORDING=false
|
||||
REMOVE_OLD_RECORDING=true
|
||||
RECORDING_MAX_AGE_DAYS=365
|
||||
ENABLE_RECORDING={{ BBB_RECORDING_ENABLED | lower }}
|
||||
REMOVE_OLD_RECORDING={{ BBB_RECORDING_CLEANUP_ENABLED | lower }}
|
||||
RECORDING_MAX_AGE_DAYS={{ BBB_RECORDING_MAX_AGE_DAYS }}
|
||||
|
||||
# ====================================
|
||||
# SECRETS
|
||||
@@ -174,27 +169,17 @@ OAUTH2_REDIRECT=
|
||||
# For information about setting up LDAP, see:
|
||||
#
|
||||
# https://docs.bigbluebutton.org/greenlight/gl-config.html#ldap-auth
|
||||
#
|
||||
# LDAP_SERVER=ldap.example.com
|
||||
# LDAP_PORT=389
|
||||
# LDAP_METHOD=plain
|
||||
# LDAP_UID={{ LDAP.USER.ATTRIBUTES.ID }}
|
||||
# LDAP_BASE=dc=example,dc=com
|
||||
# LDAP_AUTH=simple
|
||||
# LDAP_BIND_DN=cn=admin,dc=example,dc=com
|
||||
# LDAP_PASSWORD=password
|
||||
# LDAP_ROLE_FIELD=ou
|
||||
# LDAP_FILTER=(&(attr1=value1)(attr2=value2))
|
||||
|
||||
LDAP_SERVER="{{ LDAP.SERVER.DOMAIN }}"
|
||||
LDAP_PORT="{{ LDAP.SERVER.PORT }}"
|
||||
LDAP_METHOD=
|
||||
# LDAP_METHOD=plain
|
||||
LDAP_UID={{ LDAP.USER.ATTRIBUTES.ID }}
|
||||
LDAP_BASE="{{ LDAP.DN.ROOT }}"
|
||||
LDAP_BIND_DN="{{ LDAP.DN.ADMINISTRATOR.DATA }}"
|
||||
LDAP_AUTH=password
|
||||
LDAP_PASSWORD="{{ LDAP.BIND_CREDENTIAL }}"
|
||||
LDAP_ROLE_FIELD=
|
||||
LDAP_FILTER=
|
||||
# LDAP_ROLE_FIELD=ou
|
||||
# LDAP_FILTER=(&(attr1=value1)(attr2=value2))
|
||||
{% endif %}
|
||||
|
||||
# ====================================
|
||||
|
||||
@@ -43,11 +43,16 @@ BBB_RELAY_PORT_START: "{{ ports.public.relay_port_ranges[applica
|
||||
BBB_RELAY_PORT_END: "{{ ports.public.relay_port_ranges[application_id ~ '_end'] }}"
|
||||
BBB_RELAY_PORT_RANGE: "{{ BBB_RELAY_PORT_START }}-{{ BBB_RELAY_PORT_END }}"
|
||||
|
||||
# Collabora
|
||||
## Collabora
|
||||
BBB_COLLABORA_ENABLED: "{{ applications | get_app_conf(application_id, 'docker.services.collabora.internal') }}"
|
||||
BBB_COLLABORA_URL: "{{ 'https://collabora:9980/cool' if BBB_COLLABORA_ENABLED else (domains | get_url('web-svc-collabora', WEB_PROTOCOL)) }}"
|
||||
|
||||
## Switchs
|
||||
### Recording
|
||||
BBB_RECORDING_ENABLED: "{{ applications | get_app_conf(application_id, 'docker.services.'~ entity_name ~'.recording.enabled') }}"
|
||||
BBB_RECORDING_CLEANUP_ENABLED: "{{ applications | get_app_conf(application_id, 'docker.services.'~ entity_name ~'.recording.cleanup') }}"
|
||||
BBB_RECORDING_MAX_AGE_DAYS: "{{ applications | get_app_conf(application_id, 'docker.services.'~ entity_name ~'.recording.max_age_days') }}"
|
||||
|
||||
## Additional Switchs
|
||||
|
||||
### Network
|
||||
BBB_IP6_ENABLED: "{{ applications | get_app_conf(application_id, 'server.ip6_enabled') }}"
|
||||
|
||||
@@ -51,7 +51,9 @@ docker:
|
||||
version: "latest"
|
||||
backup:
|
||||
no_stop_required: false
|
||||
internal: false
|
||||
turn_server:
|
||||
onboard_enabled: true
|
||||
standalone_enabled: true
|
||||
network_mode: host
|
||||
whiteboard:
|
||||
name: "nextcloud-whiteboard"
|
||||
|
||||
@@ -33,5 +33,5 @@
|
||||
- name: create internal nextcloud nginx configuration
|
||||
template:
|
||||
src: "nginx/docker.conf.j2"
|
||||
dest: "{{ [docker_compose.directories.volumes, 'nginx.conf'] | path_join }}"
|
||||
dest: "{{ NEXTCLOUD_HOST_NGINX_SRC }}"
|
||||
notify: restart nextcloud nginx service
|
||||
|
||||
@@ -35,5 +35,3 @@
|
||||
plugin_key: "{{ plugin_item.key }}"
|
||||
plugin_value: "{{ plugin_item.value }}"
|
||||
when: NEXTCLOUD_PLUGINS_ENABLED
|
||||
|
||||
|
||||
|
||||
@@ -5,3 +5,4 @@
|
||||
flush_handlers: true
|
||||
when:
|
||||
- run_once_web_svc_coturn is not defined
|
||||
- NEXTCLOUD_TALK_TURN_STANDALONE_ENABLED | bool
|
||||
|
||||
@@ -5,7 +5,7 @@
|
||||
return 'turn_servers' => [
|
||||
[
|
||||
'host' => 'coturn',
|
||||
'port' => 3478,
|
||||
'port' => {{ NEXTCLOUD_TALK_TURN_ONBOARD_STUN_PORT }},
|
||||
'secret' => 'my-secret-key',
|
||||
'protocols' => 'udp,tcp'
|
||||
]
|
||||
|
||||
@@ -7,16 +7,19 @@
|
||||
driver: journald
|
||||
restart: {{ DOCKER_RESTART_POLICY }}
|
||||
ports:
|
||||
- "127.0.0.1:{{ ports.localhost.http[application_id] }}:{{ container_port }}"
|
||||
- "127.0.0.1:{{ NEXTCLOUD_PORT }}:{{ container_port }}"
|
||||
volumes:
|
||||
- "{{ docker_compose.directories.volumes }}nginx.conf:/etc/nginx/nginx.conf:ro"
|
||||
- "{{ NEXTCLOUD_HOST_NGINX_SRC }}:/etc/nginx/nginx.conf:ro"
|
||||
volumes_from:
|
||||
- application
|
||||
|
||||
{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
|
||||
networks:
|
||||
default:
|
||||
ipv4_address: 192.168.102.67
|
||||
{% if NEXTCLOUD_TALK_NETWORK_MODE == 'host' %}
|
||||
extra_hosts:
|
||||
- "host.docker.internal:host-gateway"
|
||||
{% endif %}
|
||||
|
||||
application:
|
||||
image: "{{ NEXTCLOUD_IMAGE }}:{{ NEXTCLOUD_VERSION }}"
|
||||
@@ -34,20 +37,20 @@
|
||||
{% include 'roles/docker-container/templates/networks.yml.j2' %}
|
||||
ipv4_address: 192.168.102.69
|
||||
|
||||
{% if NEXTCLOUD_TALK_SERVICE_ENABLED %}
|
||||
{% if NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED | bool %}
|
||||
talk:
|
||||
{% set container_port = NEXTCLOUD_TALK_PORT_INTERNAL %}
|
||||
{% set container_port = NEXTCLOUD_TALK_SIGNALING_PORT %}
|
||||
{% include 'roles/docker-container/templates/base.yml.j2' %}
|
||||
{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %}
|
||||
image: "{{ NEXTCLOUD_TALK_IMAGE }}:{{ NEXTCLOUD_TALK_VERSION }}"
|
||||
container_name: {{ NEXTCLOUD_TALK_CONTAINER }}
|
||||
init: true
|
||||
network_mode: {{ COTURN_NETWORK_MODE }}
|
||||
network_mode: {{ NEXTCLOUD_TALK_NETWORK_MODE }}
|
||||
{% if NEXTCLOUD_TALK_NETWORK_MODE == 'bridge' %}
|
||||
ports:
|
||||
- {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_STUN_PORT }}:{{ NEXTCLOUD_TALK_INT_TURN_PORT }}/tcp
|
||||
- {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_STUN_PORT }}:{{ NEXTCLOUD_TALK_INT_TURN_PORT }}/udp
|
||||
- {{ NEXTCLOUD_TALK_RELAY_PORT_RANGE }}:{{ NEXTCLOUD_TALK_RELAY_PORT_RANGE }}/udp
|
||||
- {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_STUN_PORT }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_STUN_PORT }}/tcp
|
||||
- {{ networks.internet.ip4 }}:{{ NEXTCLOUD_TALK_STUN_PORT }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_STUN_PORT }}/udp
|
||||
- {{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_RANGE }}:{{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_RANGE }}/udp
|
||||
expose:
|
||||
- "{{ container_port }}"
|
||||
networks:
|
||||
|
||||
@@ -24,7 +24,7 @@ MAIL_FROM_ADDRESS= "{{ users['no-reply'].username }}"
|
||||
MAIL_DOMAIN= "{{ SYSTEM_EMAIL.DOMAIN }}"
|
||||
|
||||
# Initial Admin Data
|
||||
NEXTCLOUD_ADMIN_USER= "{{ NEXTCLOUD_ADMINISTRATOR_USER }}"
|
||||
NEXTCLOUD_ADMIN_USER= "{{ NEXTCLOUD_ADMINISTRATOR_USERNAME }}"
|
||||
NEXTCLOUD_ADMIN_PASSWORD= "{{ NEXTCLOUD_ADMINISTRATOR_PASSWORD }}"
|
||||
|
||||
# Security
|
||||
@@ -41,18 +41,17 @@ REDIS_PORT= 6379
|
||||
|
||||
{% if NEXTCLOUD_TALK_PLUGIN_ENABLED %}
|
||||
# Talk Configuration
|
||||
# @todo move it to an own env file for encapsulation reasons
|
||||
NC_DOMAIN={{ NEXTCLOUD_DOMAIN }}
|
||||
TALK_HOST={{ NEXTCLOUD_TALK_DOMAIN }}
|
||||
TURN_SECRET={{ applications | get_app_conf(application_id, 'credentials.talk_turn_secret') }}
|
||||
SIGNALING_SECRET={{ applications | get_app_conf(application_id, 'credentials.talk_signaling_secret') }}
|
||||
INTERNAL_SECRET={{ applications | get_app_conf(application_id, 'credentials.talk_internal_secret') }}
|
||||
TURN_SECRET={{ NEXTCLOUD_TALK_TURN_ONBOARD_SECRET }}
|
||||
SIGNALING_SECRET={{ NEXTCLOUD_TALK_SIGNALING_SECRET }}
|
||||
INTERNAL_SECRET={{ NEXTCLOUD_TALK_INTERNAL_SECRET }}
|
||||
TZ={{ HOST_TIMEZONE }}
|
||||
TALK_PORT={{ NEXTCLOUD_TALK_INT_TURN_PORT }}
|
||||
TURN_MIN_PORT={{ NEXTCLOUD_TALK_RELAY_PORT_START }}
|
||||
TURN_MAX_PORT={{ NEXTCLOUD_TALK_RELAY_PORT_END }}
|
||||
COTURN_MIN_PORT={{ NEXTCLOUD_TALK_RELAY_PORT_START }}
|
||||
COTURN_MAX_PORT={{ NEXTCLOUD_TALK_RELAY_PORT_END }}
|
||||
TALK_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_STUN_PORT }}
|
||||
TURN_MIN_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_START }}
|
||||
TURN_MAX_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_END }}
|
||||
COTURN_MIN_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_START }}
|
||||
COTURN_MAX_PORT={{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_END }}
|
||||
{% endif %}
|
||||
|
||||
{% if NEXTCLOUD_WHITEBOARD_ENABLED %}
|
||||
|
||||
@@ -190,9 +190,13 @@ http {
|
||||
proxy_read_timeout 3600;
|
||||
}
|
||||
|
||||
{% if NEXTCLOUD_TALK_SERVICE_ENABLED %}
|
||||
location {{ NEXTCLOUD_TALK_LOCATION }} {
|
||||
proxy_pass http://talk:{{ NEXTCLOUD_TALK_PORT_INTERNAL }}/;
|
||||
{% if NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED | bool %}
|
||||
location {{ NEXTCLOUD_TALK_SIGNALING_LOCATION }} {
|
||||
{% if NEXTCLOUD_TALK_NETWORK_MODE == 'host' %}
|
||||
proxy_pass http://host.docker.internal:{{ NEXTCLOUD_TALK_SIGNALING_PORT }}/;
|
||||
{% else %}
|
||||
proxy_pass http://talk:{{ NEXTCLOUD_TALK_SIGNALING_PORT }}/;
|
||||
{% endif %}
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
|
||||
@@ -8,16 +8,15 @@ database_password: "{{ applications | get_app_conf(application_
|
||||
database_type: "mariadb" # Database flavor
|
||||
|
||||
# Nextcloud
|
||||
|
||||
## General
|
||||
NEXTCLOUD_DOMAIN: "{{ domains | get_domain(application_id) }}"
|
||||
NEXTCLOUD_PORT: "{{ ports.localhost.http[application_id] }}"
|
||||
NEXTCLOUD_URL: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
|
||||
|
||||
NEXTCLOUD_PLUGINS_ENABLED: "{{ applications | get_app_conf(application_id, 'plugins_enabled') }}"
|
||||
NEXTCLOUD_ADMINISTRATOR_USERNAME: "{{ applications | get_app_conf(application_id, 'users.administrator.username') }}"
|
||||
|
||||
## Plugins
|
||||
NEXTCLOUD_PLUGIN_ITEMS: "{{ applications | get_app_conf(application_id, 'plugins') | dict2items }}"
|
||||
NEXTCLOUD_PLUGINS_ENABLED: "{{ applications | get_app_conf(application_id, 'plugins_enabled') }}"
|
||||
|
||||
## Paths
|
||||
|
||||
@@ -25,6 +24,7 @@ NEXTCLOUD_PLUGIN_ITEMS: "{{ applications | get_app_conf(application_
|
||||
NEXTCLOUD_HOST_CONF_ADD_PATH: "{{ [ docker_compose.directories.volumes, 'infinito' ] | path_join }}" # This folder is the path to which the additive configurations will be copied
|
||||
NEXTCLOUD_HOST_INCL_PATH: "{{ [ docker_compose.directories.volumes, 'includes.php' ] | path_join }}" # Path to the instruction file on the host. Responsible for loading the additional configurations
|
||||
NEXTCLOUD_HOST_NGINX_PATH: "{{ [ NGINX.DIRECTORIES.HTTP.SERVERS, NEXTCLOUD_DOMAIN ~ '.conf' ] | path_join }}" # Nginx path for proxy conf
|
||||
NEXTCLOUD_HOST_NGINX_SRC: "{{ [ docker_compose.directories.volumes, 'nginx.conf' ] | path_join }}"
|
||||
|
||||
## Control Node
|
||||
NEXTCLOUD_CNODE_PLUGIN_VARS_PATH: "{{ [role_path, 'vars/plugins/'] | path_join }}" # Folder in which the files for the plugin configuration are stored
|
||||
@@ -38,8 +38,8 @@ NEXTCLOUD_DOCKER_CONF_ADD_PATH: "{{ [ NEXTCLOUD_DOCKER_CONF_DIRECTORY, 'infi
|
||||
NEXTCLOUD_DOCKER_INCL_PATH: "/tmp/includes.php" # Path to the temporary file which will be included to the config.php to load the additional configurations
|
||||
|
||||
## Administrator
|
||||
NEXTCLOUD_ADMINISTRATOR_USER: "{{ applications | get_app_conf(application_id, 'users.administrator.username') }}"
|
||||
NEXTCLOUD_ADMINISTRATOR_PASSWORD: "{{ applications | get_app_conf(application_id, 'credentials.administrator_password') }}"
|
||||
NEXTCLOUD_ADMINISTRATOR_USERNAME: "{{ applications | get_app_conf(application_id, 'users.administrator.username') }}"
|
||||
|
||||
## Docker
|
||||
|
||||
@@ -58,24 +58,36 @@ NEXTCLOUD_PROXY_VERSION: "{{ applications | get_app_conf(application_
|
||||
NEXTCLOUD_CRON_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.cron.name') }}"
|
||||
|
||||
### Talk
|
||||
#### Service
|
||||
|
||||
#### General
|
||||
NEXTCLOUD_TALK_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.talk.name') }}"
|
||||
NEXTCLOUD_TALK_IMAGE: "{{ applications | get_app_conf(application_id, 'docker.services.talk.image') }}"
|
||||
NEXTCLOUD_TALK_VERSION: "{{ applications | get_app_conf(application_id, 'docker.services.talk.version') }}"
|
||||
NEXTCLOUD_TALK_PLUGIN_ENABLED: "{{ applications | get_app_conf(application_id, 'plugins.spreed.enabled') }}"
|
||||
NEXTCLOUD_TALK_SERVICE_ENABLED: "{{ applications | get_app_conf(application_id, 'docker.services.talk.internal') if NEXTCLOUD_TALK_PLUGIN_ENABLED else false }}"
|
||||
NEXTCLOUD_TALK_LOCATION: "/standalone-signaling/"
|
||||
NEXTCLOUD_TALK_PORT_INTERNAL: "8081"
|
||||
NEXTCLOUD_TALK_INT_TURN_PORT: "3478"
|
||||
NEXTCLOUD_TALK_RELAY_PORT_START: "{{ ports.public.relay_port_ranges[application_id ~ '_start'] }}"
|
||||
NEXTCLOUD_TALK_RELAY_PORT_END: "{{ ports.public.relay_port_ranges[application_id ~ '_end' ] }}"
|
||||
NEXTCLOUD_TALK_RELAY_PORT_RANGE: "{{ NEXTCLOUD_TALK_RELAY_PORT_START }}-{{ NEXTCLOUD_TALK_RELAY_PORT_END }}"
|
||||
NEXTCLOUD_TALK_NETWORK_MODE: "{{ applications | get_app_conf(application_id, 'docker.services.talk.network_mode') }}"
|
||||
NEXTCLOUD_TALK_INTERNAL_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.talk_internal_secret') }}"
|
||||
NEXTCLOUD_TALK_DOMAIN: "{{ NEXTCLOUD_DOMAIN if NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED else (domains | get_domain(NEXTCLOUD_TALK_TURN_STANDALONE_ROLE)) }}"
|
||||
|
||||
# Connection
|
||||
NEXTCLOUD_TALK_STUN_PORT: "{{ ports.public.stun_turn_tls[application_id] }}"
|
||||
NEXTCLOUD_TALK_DOMAIN: "{{ NEXTCLOUD_DOMAIN }}"
|
||||
NEXTCLOUD_TALK_URL: "{{ [ NEXTCLOUD_URL, NEXTCLOUD_TALK_LOCATION ] | url_join }}"
|
||||
#### Signaling
|
||||
NEXTCLOUD_TALK_SIGNALING_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.talk_signaling_secret') }}"
|
||||
NEXTCLOUD_TALK_SIGNALING_LOCATION: "/standalone-signaling/"
|
||||
NEXTCLOUD_TALK_SIGNALING_PORT: "8081"
|
||||
NEXTCLOUD_TALK_SIGNALING_URL: "{{ [ NEXTCLOUD_URL, NEXTCLOUD_TALK_SIGNALING_LOCATION ] | url_join }}"
|
||||
|
||||
#### Turn (Onboard)
|
||||
NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED: "{{ applications | get_app_conf(application_id, 'docker.services.talk.turn_server.onboard_enabled') if NEXTCLOUD_TALK_PLUGIN_ENABLED else false }}"
|
||||
NEXTCLOUD_TALK_TURN_ONBOARD_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.talk_turn_secret') if NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED else applications | get_app_conf(NEXTCLOUD_TALK_TURN_STANDALONE_ROLE, 'credentials.auth_secret') }}"
|
||||
NEXTCLOUD_TALK_TURN_ONBOARD_STUN_PORT: "{{ ports.public.stun_turn[application_id] }}"
|
||||
NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_START: "{{ ports.public.relay_port_ranges[application_id ~ '_start'] }}"
|
||||
NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_END: "{{ ports.public.relay_port_ranges[application_id ~ '_end' ] }}"
|
||||
NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_RANGE: "{{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_START }}-{{ NEXTCLOUD_TALK_TURN_ONBOARD_RELAY_PORT_END }}"
|
||||
|
||||
#### Stun
|
||||
NEXTCLOUD_TALK_STUN_PORT: "{{ ports.public.stun_turn[application_id] if NEXTCLOUD_TALK_TURN_ONBOARD_ENABLED else ports.public.stun_turn[NEXTCLOUD_TALK_TURN_STANDALONE_ROLE] }}"
|
||||
|
||||
#### Coturn (Standalone)
|
||||
NEXTCLOUD_TALK_TURN_STANDALONE_ROLE: 'web-svc-coturn'
|
||||
NEXTCLOUD_TALK_TURN_STANDALONE_ENABLED: "{{ applications | get_app_conf(application_id, 'docker.services.talk.turn_server.standalone_enabled') if NEXTCLOUD_TALK_PLUGIN_ENABLED else false }}"
|
||||
|
||||
### Whiteboard
|
||||
NEXTCLOUD_WHITEBOARD_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.whiteboard.name') }}"
|
||||
|
||||
@@ -1,23 +1,32 @@
|
||||
plugin_configuration:
|
||||
# signaling_servers: JSON object
|
||||
- appid: "spreed"
|
||||
configkey: "signaling_servers"
|
||||
configvalue:
|
||||
- server: "{{ NEXTCLOUD_TALK_URL }}"
|
||||
verify: true
|
||||
# optional:
|
||||
alias: "primary"
|
||||
configvalue: "{{ {
|
||||
'servers': [ { 'server': NEXTCLOUD_TALK_SIGNALING_URL, 'verify': True, 'alias': 'primary' } ],
|
||||
'secret': NEXTCLOUD_TALK_SIGNALING_SECRET
|
||||
} | to_json }}"
|
||||
|
||||
# STUN
|
||||
# stun_servers: JSON array of strings
|
||||
- appid: "spreed"
|
||||
configkey: "stun_servers"
|
||||
configvalue:
|
||||
- "stun:{{ NEXTCLOUD_TALK_DOMAIN }}:{{ NEXTCLOUD_TALK_STUN_PORT }}"
|
||||
configvalue: "{{ [
|
||||
NEXTCLOUD_TALK_DOMAIN ~ ':' ~ NEXTCLOUD_TALK_STUN_PORT
|
||||
] | to_json }}"
|
||||
|
||||
# TURN with REST-Secret (used by Talk/Coturn)
|
||||
# turn_servers: JSON array of objects
|
||||
- appid: "spreed"
|
||||
configkey: "turn_servers"
|
||||
configvalue:
|
||||
- server: "turn:{{ NEXTCLOUD_TALK_DOMAIN }}:{{ NEXTCLOUD_TALK_STUN_PORT }}?transport=udp"
|
||||
secret: "{{ applications | get_app_conf(application_id, 'credentials.talk_turn_secret') }}"
|
||||
ttl: 86400
|
||||
protocols: "udp,tcp"
|
||||
configvalue: "{{ [
|
||||
{
|
||||
'server': NEXTCLOUD_TALK_DOMAIN ~ ':' ~ NEXTCLOUD_TALK_STUN_PORT ~ '?transport=udp',
|
||||
'secret': NEXTCLOUD_TALK_TURN_ONBOARD_SECRET,
|
||||
'ttl': 86400,
|
||||
'protocols': 'udp,tcp'
|
||||
}
|
||||
] | to_json }}"
|
||||
|
||||
# internal secret (plain string)
|
||||
- appid: "spreed"
|
||||
configkey: "internal_secret"
|
||||
configvalue: "{{ NEXTCLOUD_TALK_INTERNAL_SECRET }}"
|
||||
|
||||
Reference in New Issue
Block a user