e1363c9b9b
Add lt-cred-mech authentication mechanism to Coturn
All homeserver implementations have been updated to support this as
well.
It's just Jitsi that possibly doesn't work with anything other than `auth-secret`.
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/3191
2年前
ad32953e0b
Add additional-networks support to matrix-coturn
Not that it seems necessary right now, but it makes it consistent with
all other roles.
2年前
2511b34a7c
Stop containers gracefully, instead of outright killing them
2年前
dc9ff4e01b
Add support for external-IP-address-autodetection to Coturn
2年前
69b2df629b
Enable some recommended Coturn options in an effort to lower DDoS amplification factor
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2592
3年前
0b9dc56edf
Add type support to matrix_coturn_container_additional_volumes
.. and try to auto-switch between `bind` and `volume` depending on
whether there's a slash in the `src` path.
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/2482
3年前
d44d4b637f
Allow Coturn to work with SSL certificates extracted from Traefik
3年前
aafa8f019c
Allow matrix_coturn_docker_network to be set to 'host' to use host-networking
This helps large deployments which need to open up thousands of ports
(matrix_coturn_turn_udp_min_port, matrix_coturn_turn_udp_min_port)
On a test VM, opening 1k ports takes 17 seconds for Docker to "publish"
all of these ports (setting up forwarding rules with the firewall, etc),
so service startup and shutdown take a long amount of time.
If host-networking is used, there's no need to open any ports at all
and startup/shutdown can be quick.
3年前
773cb7d37e
Make no-tcp-relay Coturn configuration property configurable
3年前
bf23d63f82
Add matrix_coturn_additional_configuration
3年前
4c9f96722f
Add no-multicast-peers to Coturn config by default
Part of a security hardening provoked by:
https://www.rtcsec.com/article/cve-2020-26262-bypass-of-coturns-access-control-protection/
3年前
4f4c856e43
matrix_host_command_systemctl -> devture_systemd_docker_base_host_command_systemctl (via com.devture.ansible.role.systemd_docker_base)
3年前
7086c0ebe3
matrix_host_command_sh -> devture_systemd_docker_base_host_command_sh (via com.devture.ansible.role.systemd_docker_base)
3年前
a9a81460ec
matrix_host_command_docker -> devture_systemd_docker_base_host_command_docker (via com.devture.ansible.role.systemd_docker_base)
3年前
f03f716989
matrix_systemd_unit_home_path -> devture_systemd_docker_base_systemd_unit_home_path (via com.devture.ansible.role.systemd_docker_base)
3年前
410a915a8a
Move roles/matrix* to roles/custom/matrix*
This paves the way for installing other roles into `roles/galaxy` using `ansible-galaxy`,
similar to how it's done in:
- https://github.com/spantaleev/gitea-docker-ansible-deploy
- https://github.com/spantaleev/nextcloud-docker-ansible-deploy
In the near future, we'll be removing a lot of the shared role code from here
and using upstream roles for it. Some of the core `matrix-*` roles have
already been extracted out into other reusable roles:
- https://github.com/devture/com.devture.ansible.role.postgres
- https://github.com/devture/com.devture.ansible.role.systemd_docker_base
- https://github.com/devture/com.devture.ansible.role.timesync
- https://github.com/devture/com.devture.ansible.role.vars_preserver
- https://github.com/devture/com.devture.ansible.role.playbook_runtime_messages
- https://github.com/devture/com.devture.ansible.role.playbook_help
We just need to migrate to those.
3年前
Slavi Pantaleev