overmind
/
matrix-docker-ansible-deploy
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
Matrix Docker Ansible eploy
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8787 Commits
12 Branches
1.2 GiB
 
 
Tree: 3e86adac0d
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '3e86adac0d'
${ noResults }
matrix-docker-ansible-deploy/roles/custom/matrix-livekit-server/defaults/main.yml

163 lines
8.8 KiB
Raw Blame History 

  1. ---

  2. 

  3. # Project source code URL: https://github.com/livekit/livekit

  4. 

  5. livekit_server_enabled: false

  6. 

  7. livekit_server_identifier: livekit-server

  8. 

  9. livekit_server_uid: ''

  10. livekit_server_gid: ''

  11. 

  12. livekit_server_base_path: "/{{ livekit_server_identifier }}"

  13. livekit_server_config_path: "{{ livekit_server_base_path }}/config"

  14. 

  15. # renovate: datasource=docker depName=livekit/livekit-server

  16. livekit_server_version: v1.8.0

  17. 

  18. livekit_server_hostname: ""

  19. livekit_server_path_prefix: /

  20. 

  21. livekit_server_container_network: "{{ livekit_server_identifier }}"

  22. 

  23. livekit_server_container_additional_networks: "{{ livekit_server_container_additional_networks_auto + livekit_server_container_additional_networks_custom }}"

  24. livekit_server_container_additional_networks_auto: []

  25. livekit_server_container_additional_networks_custom: []

  26. 

  27. # Controls whether the LiveKit Server container exposes its RCT TCP port (`livekit_server_config_rtc_tcp_port`)

  28. #

  29. # Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:5349"), or empty string to not expose.

  30. livekit_server_container_rtc_tcp_host_bind_port: "{{ livekit_server_config_rtc_tcp_port if livekit_server_container_network != 'host' else '' }}"

  31. 

  32. # Controls whether the LiveKit Server container exposes its RTC UDP port range and which interface to do it on.

  33. #

  34. # Takes an interface "<ip address>" (e.g. "127.0.0.1"), or empty string to listen on all interfaces.

  35. # Takes a null/none value (`~`) or 'none' (as a string) to prevent listening.

  36. #

  37. # The UDP port-range itself is specified using `livekit_server_config_rtc_port_range_start` and `livekit_server_config_rtc_port_range_end`.

  38. livekit_server_container_rtc_range_listen_interface: "{{ '' if livekit_server_container_network != 'host' else 'none' }}"

  39. 

  40. livekit_server_container_image_self_build: false

  41. livekit_server_container_repo: "https://github.com/livekit/livekit.git"

  42. livekit_server_container_repo_version: "{{ 'main' if livekit_server_version == 'latest' else livekit_server_version }}"

  43. livekit_server_container_src_files_path: "{{ livekit_server_base_path }}/container-src"

  44. 

  45. livekit_server_container_image: "{{ livekit_server_container_image_name_prefix }}livekit/livekit-server:{{ livekit_server_version }}"

  46. livekit_server_container_image_name_prefix: "{{ 'localhost/' if livekit_server_container_image_self_build else 'docker.io/' }}"

  47. livekit_server_container_image_force_pull: "{{ livekit_server_container_image.endswith(':latest') }}"

  48. 

  49. livekit_server_container_labels_traefik_enabled: true

  50. livekit_server_container_labels_traefik_docker_network: "{{ livekit_server_container_network }}"

  51. livekit_server_container_labels_traefik_hostname: "{{ livekit_server_hostname }}"

  52. # The path prefix must either be `/` or not end with a slash (e.g. `/element`).

  53. livekit_server_container_labels_traefik_path_prefix: "{{ livekit_server_path_prefix }}"

  54. livekit_server_container_labels_traefik_rule: "Host(`{{ livekit_server_container_labels_traefik_hostname }}`){% if livekit_server_container_labels_traefik_path_prefix != '/' %} && PathPrefix(`{{ livekit_server_container_labels_traefik_path_prefix }}`){% endif %}"

  55. livekit_server_container_labels_traefik_priority: 0

  56. livekit_server_container_labels_traefik_entrypoints: web-secure

  57. livekit_server_container_labels_traefik_tls: "{{ livekit_server_container_labels_traefik_entrypoints != 'web' }}"

  58. livekit_server_container_labels_traefik_tls_certResolver: default  # noqa var-naming

  59. 

  60. # Controls which additional headers to attach to all HTTP responses.

  61. # To add your own headers, use `livekit_server_container_labels_traefik_additional_response_headers_custom`

  62. livekit_server_container_labels_traefik_additional_response_headers: "{{ livekit_server_container_labels_traefik_additional_response_headers_auto | combine(livekit_server_container_labels_traefik_additional_response_headers_custom) }}"

  63. livekit_server_container_labels_traefik_additional_response_headers_auto: |

  64.   {{

  65.     {}

  66.     | combine ({'X-XSS-Protection': livekit_server_http_header_xss_protection} if livekit_server_http_header_xss_protection else {})

  67.     | combine ({'X-Frame-Options': livekit_server_http_header_frame_options} if livekit_server_http_header_frame_options else {})

  68.     | combine ({'X-Content-Type-Options': livekit_server_http_header_content_type_options} if livekit_server_http_header_content_type_options else {})

  69.     | combine ({'Content-Security-Policy': livekit_server_http_header_content_security_policy} if livekit_server_http_header_content_security_policy else {})

  70.     | combine ({'Permission-Policy': livekit_server_http_header_content_permission_policy} if livekit_server_http_header_content_permission_policy else {})

  71.     | combine ({'Strict-Transport-Security': livekit_server_http_header_strict_transport_security} if livekit_server_http_header_strict_transport_security and livekit_server_container_labels_traefik_tls else {})

  72.   }}

  73. livekit_server_container_labels_traefik_additional_response_headers_custom: {}

  74. 

  75. # matrix_client_element_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.

  76. # See `../templates/labels.j2` for details.

  77. #

  78. # Example:

  79. # matrix_client_element_container_labels_additional_labels: |

  80. #   my.label=1

  81. #   another.label="here"

  82. livekit_server_container_labels_additional_labels: ''

  83. 

  84. # A list of extra arguments to pass to the container

  85. livekit_server_container_extra_arguments: []

  86. 

  87. # Additional environment variables for the container

  88. livekit_server_environment_variables_additional: {}

  89. 

  90. # List of systemd services that matrix-element-call.service depends on

  91. livekit_server_systemd_required_services_list: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"

  92. 

  93. # Specifies the value of the `X-XSS-Protection` header

  94. # Stops pages from loading when they detect reflected cross-site scripting (XSS) attacks.

  95. #

  96. # Learn more about it is here:

  97. # - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection

  98. # - https://portswigger.net/web-security/cross-site-scripting/reflected

  99. livekit_server_http_header_xss_protection: ''

  100. 

  101. # Specifies the value of the `X-Frame-Options` header which controls whether framing can happen.

  102. # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options

  103. livekit_server_http_header_frame_options: ''

  104. 

  105. # Specifies the value of the `X-Content-Type-Options` header.

  106. # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options

  107. livekit_server_http_header_content_type_options: ''

  108. 

  109. # Specifies the value of the `Content-Security-Policy` header.

  110. # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy

  111. livekit_server_http_header_content_security_policy: ''

  112. 

  113. # Specifies the value of the `Permission-Policy` header.

  114. # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permission-Policy

  115. livekit_server_http_header_content_permission_policy: ''

  116. 

  117. # Specifies the value of the `Strict-Transport-Security` header.

  118. # See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security

  119. livekit_server_http_header_strict_transport_security: ''

  120. 

  121. # Controls whether to send a "Permissions-Policy interest-cohort=();" header along with all responses

  122. #

  123. # Learn more about what it is here:

  124. # - https://www.eff.org/deeplinks/2021/03/googles-floc-terrible-idea

  125. # - https://paramdeo.com/blog/opting-your-website-out-of-googles-floc-network

  126. # - https://amifloced.org/

  127. #

  128. # Of course, a better solution is to just stop using browsers (like Chrome), which participate in such tracking practices.

  129. # See: `livekit_server_content_permission_policy`

  130. livekit_server_floc_optout_enabled: false

  131. 

  132. # Controls if HSTS preloading is enabled

  133. #

  134. # In its strongest and recommended form, the [HSTS policy](https://www.chromium.org/hsts) includes all subdomains, and

  135. # indicates a willingness to be "preloaded" into browsers:

  136. # `Strict-Transport-Security: max-age=31536000; includeSubDomains; preload`

  137. # For more information visit:

  138. # - https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security

  139. # - https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security

  140. # - https://hstspreload.org/#opt-in

  141. # See: `livekit_server_http_header_strict_transport_security`

  142. livekit_server_hsts_preload_enabled: true

  143. 

  144. # Controls the `port` configuration property.

  145. livekit_server_config_port: 7880

  146. 

  147. # Controls the `rtc.tcp_port` configuration property

  148. livekit_server_config_rtc_tcp_port: 7881

  149. 

  150. # Controls the `rtc.port_range_start` configuration property

  151. livekit_server_config_rtc_port_range_start: 50100

  152. 

  153. # Controls the `rtc.port_range_end` configuration property

  154. livekit_server_config_rtc_port_range_end: 50200

  155. 

  156. # Controls the `rtc.use_external_ip` configuration property

  157. livekit_server_config_rtc_use_external_ip: true

  158. 

  159. # Controls the `keys` configuration property.

  160. livekit_server_config_keys: "{{ livekit_server_config_keys_auto | combine(livekit_server_config_keys_custom, recursive=True) }}"

  161. livekit_server_config_keys_auto: {}

  162. livekit_server_config_keys_custom: {}