Files
computer-playbook/roles/web-app-bigbluebutton/vars/main.yml
Kevin Veen-Birkenbach 73a38e0b2b Refactor TURN/STUN handling:
- Split internal/external Coturn for BBB and Nextcloud
- Added dedicated relay port ranges per app
- Updated env and compose overrides for coturn
- Ensure coturn role is loaded conditionally
- Standardize credential/env passing for coturn
@See https://chatgpt.com/share/68d6f376-4878-800f-b4f7-62822caa49ea
2025-09-26 22:11:55 +02:00

56 lines
3.4 KiB
YAML

# General
application_id: "web-app-bigbluebutton"
entity_name: "{{ application_id | get_entity_name }}"
# Database configuration
database_type: "postgres"
database_instance: "{{ application_id | get_entity_name }}"
database_password: "{{ applications | get_app_conf(application_id, 'credentials.postgresql_secret') }}"
database_username: "postgres"
database_name: "" # Multiple databases
# Proxy
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
# Docker
docker_compose_file_creation_enabled: false # Handled in this role
docker_repository_address: "{{ applications | get_app_conf(application_id, 'docker.services.' ~ entity_name ~ '.repository') }}"
docker_repository_branch: "{{ applications | get_app_conf(application_id, 'docker.services.' ~ entity_name ~ '.version') }}"
docker_pull_git_repository: true
# BigBlueButton
## Credentials
BBB_SHARED_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.shared_secret') }}"
BBB_ETHERPAD_API_KEY: "{{ applications | get_app_conf(application_id, 'credentials.etherpad_api_key') }}"
BBB_RAILS_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.rails_secret') }}"
BBB_POSTGRESQL_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.postgresql_secret') }}"
BBB_FSESL_PASSWORD: "{{ applications | get_app_conf(application_id, 'credentials.fsesl_password') }}"
BBB_TURN_SECRET: "{{ applications | get_app_conf(application_id, 'credentials.turn_secret') }}"
## TLS
BBB_COTURN_TLS_CERT_PATH: "{{ [ LETSENCRYPT_LIVE_PATH, ssl_cert_folder, 'fullchain.pem'] | path_join }}"
BBB_COTURN_TLS_KEY_PATH: "{{ [ LETSENCRYPT_LIVE_PATH, ssl_cert_folder, 'privkey.pem'] | path_join }}"
## Turn
BBB_TURN_DOMAIN: "{{ networks.internet.ip4 if BBB_INTERNAL_COTURN_ENABLED else domains | get_domain('web-svc-coturn') }}"
BBB_TURN_PORT: "{{ ports.public.turn[application_id] if BBB_INTERNAL_COTURN_ENABLED else ports.public.turn['web-svc-coturn'] }}"
BBB_STUN_PORT: "{{ ports.public.turn[application_id] if BBB_INTERNAL_COTURN_ENABLED else ports.public.stun['web-svc-coturn'] }}"
BBB_RELAY_PORT_START: "{{ ports.public.relay_port_ranges[application_id ~ '_start'] }}"
BBB_RELAY_PORT_END: "{{ ports.public.relay_port_ranges[application_id ~ '_end'] }}"
BBB_RELAY_PORT_RANGE: "{{ BBB_RELAY_PORT_START }}-{{ BBB_RELAY_PORT_END }}"
## Switchs
### Network
BBB_IP6_ENABLED: "{{ applications | get_app_conf(application_id, 'server.ip6_enabled') }}"
### Container
BBB_GREENLIGHT_ENABLED: "{{ applications | get_app_conf(application_id, 'docker.services.greenlight.enabled') }}"
BBB_INTERNAL_COTURN_ENABLED: "{{ applications | get_app_conf(application_id, 'docker.services.coturn.internal') }}"
### SSO
BBB_LDAP_ENABLED: "{{ applications | get_app_conf(application_id, 'features.ldap') }}"
BBB_OIDC_ENABLED: "{{ applications | get_app_conf(application_id, 'features.oidc') }}"