mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-12-07 18:05:09 +00:00

Files

Kevin Veen-Birkenbach 986f959696 Refactor webserver proxy variables and fix BigBlueButton deployment behavior

Refactor proxy/webserver configuration variables to a consistent webserver_* naming scheme across roles. Replace legacy variables like proxy_extra_configuration, client_max_body_size, vhost_flavour, location_ws and ws_port with webserver_extra_configuration, webserver_client_max_body_size, webserver_vhost_flavour, webserver_websocket_location and webserver_websocket_port. Update NGINX vhost and location templates (html, upload, ws, basic, ws_generic) as well as callers (sys-front-inj-all, sys-stk-front-proxy, various web-app-* and web-svc-* roles) to use the new naming.

Tighten docker-compose Git repository handling by making docker_git_repository_pull depend on docker_git_repository_address being defined, a string and non-empty. This avoids accidental Git operations when the repository address is unset or of the wrong type.

Refactor the BigBlueButton role structure and fix deployment bugs: introduce 01_core.yml to orchestrate docker/proxy setup, database seeding, websocket map deployment, docker-compose overrides and admin/bootstrap logic in a single once-executed entrypoint. Rename supporting task files (02_docker-compose.yml, 03_administrator.yml, 04_dependencies.yml) and update tasks/main.yml to delegate via include_tasks with run_once_web_app_bigbluebutton. Improve Greenlight admin creation behavior by treating the 'Email has already been taken' error as a non-fatal, unchanged outcome and running user:set_admin_role as a fallback, both for the primary password and the OIDC starred-password path.

Also standardize vhost flavour selection for services like Mailu, Discourse, CDN, Collabora, Coturn, OnlyOffice, Simpleicons and web-svc-logout by explicitly passing webserver_vhost_flavour where needed and aligning client_max_body_size and websocket configuration with the new webserver_* variables.

Reference: ChatGPT conversation https://chatgpt.com/share/6931c530-bba8-800f-9997-dd61dc1d497b

2025-12-04 18:31:09 +01:00

config

Added matomo to roles and optimized features configuration

2025-11-27 14:46:04 +01:00

README.md

Coturn

This folder contains the role to deploy and manage a Coturn service.

Description

Coturn is a free and open-source TURN (Traversal Using Relays around NAT) and STUN (Session Traversal Utilities for NAT) server.
It enables real-time communication (RTC) applications such as WebRTC to work reliably across NATs and firewalls.

Without TURN/STUN, video calls, conferencing, and peer-to-peer connections often fail due to NAT traversal issues.
Coturn solves this by acting as a relay server and/or discovery service for public IP addresses.

More background:

Wikipedia: Traversal Using Relays around NAT
Wikipedia: Session Traversal Utilities for NAT
Official Coturn Docs: https://github.com/coturn/coturn/wiki

Overview

This role deploys Coturn via Docker Compose using the sys-stk-semi-stateless stack.
It automatically configures:

TURN and STUN listening ports
Relay port ranges
TLS certificates (via Let’s Encrypt integration)
Long-term credentials and/or REST API secrets

Typical use cases:

Nextcloud Talk
Jitsi
BigBlueButton
Any WebRTC-based application

Features

Stateless container deployment (no database or persistent volume required)
Automatic TLS handling via sys-stk-front-base
TURN and STUN support over TCP and UDP
Configurable relay port ranges for scaling
Integration into Infinito.Nexus inventory/variable system

Further Resources

Coturn Project — https://github.com/coturn/coturn
Coturn Wiki — https://github.com/coturn/coturn/wiki
TURN on Wikipedia — https://en.wikipedia.org/wiki/Traversal_Using_Relays_around_NAT
STUN on Wikipedia — https://en.wikipedia.org/wiki/STUN