overmind
/
matrix-docker-ansible-deploy
зеркало из https://github.com/spantaleev/matrix-docker-ansible-deploy


			
				
					
						
						
							
							# SPDX-FileCopyrightText: 2022 MDAD project contributors
# SPDX-FileCopyrightText: 2024 wjbeckett
# SPDX-FileCopyrightText: 2024, 2025 Slavi Pantaleev
# SPDX-FileCopyrightText: 2025, 2026 Suguru Hirahara
#
# SPDX-License-Identifier: AGPL-3.0-or-later

---
# Project source code URL: https://github.com/livekit/livekit

livekit_server_enabled: false

livekit_server_identifier: livekit-server
livekit_server_base_path: "/{{ livekit_server_identifier }}"
livekit_server_config_path: "{{ livekit_server_base_path }}/config"

# renovate: datasource=docker depName=docker.io/livekit/livekit-server
livekit_server_version: v1.9.11

livekit_server_uid: ""
livekit_server_gid: ""

# The scheme used for serving LiveKit Server.
livekit_server_scheme: https

# The hostname at which LiveKit Server is served.
livekit_server_hostname: ""

# The path at which LiveKit Server is served.
livekit_server_path_prefix: /

livekit_server_container_image: "{{ livekit_server_container_image_registry_prefix }}livekit/livekit-server:{{ livekit_server_version }}"
livekit_server_container_image_registry_prefix: "{{ 'localhost/' if livekit_server_container_image_self_build else livekit_server_container_image_registry_prefix_upstream }}"
livekit_server_container_image_registry_prefix_upstream: "{{ livekit_server_container_image_registry_prefix_upstream_default }}"
livekit_server_container_image_registry_prefix_upstream_default: docker.io/
livekit_server_container_image_force_pull: "{{ livekit_server_container_image.endswith(':latest') }}"

livekit_server_container_image_self_build: false
livekit_server_container_image_self_build_name: "livekit/livekit:{{ livekit_server_container_image_self_build_repo_version }}"
livekit_server_container_image_self_build_repo: "https://github.com/livekit/livekit.git"
livekit_server_container_image_self_build_repo_version: "{{ livekit_server_version if livekit_server_version != 'latest' else 'main' }}"
livekit_server_container_image_self_build_src_files_path: "{{ livekit_server_base_path }}/docker-src"

# The base container network. It will be auto-created by this role if it doesn't exist already.
livekit_server_container_network: "{{ livekit_server_identifier }}"

# Controls whether to publish the HTTP port (livekit_server_config_port / 7880) on the host.
# Useful when a reverse proxy (e.g. nginx) runs on the host rather than in a container network.
# Accepts: "<ip>:<host_port>" (e.g. "192.168.90.83:7880"), "<host_port>" (e.g. "7880"),
# or empty string "" to skip publishing this port.
livekit_server_container_http_host_bind_port: ""

# Specify how the container publishes its RTC port and which interface to do it on.
#
# Takes an interface "<ip address>" (e.g. "127.0.0.1"), or empty string to listen on all interfaces.
# Takes a null/none value (`~`) or 'none' (as a string) to prevent listening.
livekit_server_container_rtc_listen_interface: "{{ '' if livekit_server_container_network != 'host' else 'none' }}"

# Specify how the container publishes its TURN port and which interface to do it on.
#
# Takes an interface "<ip address>" (e.g. "127.0.0.1"), or empty string to listen on all interfaces.
# Takes a null/none value (`~`) or 'none' (as a string) to prevent listening.
livekit_server_container_turn_listen_interface: "{{ '' if livekit_server_container_network != 'host' else 'none' }}"

# Specify how the container publishes its metrics and which interface to do it on.
#
# Takes an interface "<ip address>" (e.g. "127.0.0.1"), or empty string to listen on all interfaces.
# Takes a null/none value (`~`) or 'none' (as a string) to prevent listening.
# See `livekit_server_config_prometheus_port`.
livekit_server_container_metrics_listen_interface: ~

# A list of additional container networks that the container would be connected to.
# The role does not create these networks, so make sure they already exist.
# Use this to expose this container to another reverse proxy, which runs in a different container network.
livekit_server_container_additional_networks: "{{ livekit_server_container_additional_networks_auto + livekit_server_container_additional_networks_custom }}"
livekit_server_container_additional_networks_auto: []
livekit_server_container_additional_networks_custom: []

# A list of additional "volumes" to mount in the container.
# This list gets populated dynamically at runtime. You can provide a different default value,
# if you wish to mount your own files into the container.
# Contains definition objects like this: `{"type": "bind", "src": "/outside", "dst": "/inside", "options": "readonly"}.
# See the `--mount` documentation for the `docker run` command.
livekit_server_container_additional_volumes: "{{ livekit_server_container_additional_volumes_auto + livekit_server_container_additional_volumes_custom }}"
livekit_server_container_additional_volumes_auto: []
livekit_server_container_additional_volumes_custom: []

# livekit_server_container_labels_traefik_enabled controls whether labels to assist a Traefik reverse-proxy will be attached to the container.
# See `../templates/labels.j2` for details.
#
# To inject your own other container labels, see `livekit_server_container_labels_additional_labels_custom`.
livekit_server_container_labels_traefik_enabled: true
livekit_server_container_labels_traefik_docker_network: "{{ livekit_server_container_network }}"
livekit_server_container_labels_traefik_hostname: "{{ livekit_server_hostname }}"
# The path prefix must either be `/` or not end with a slash (e.g. `/element`).
livekit_server_container_labels_traefik_path_prefix: "{{ livekit_server_path_prefix }}"
livekit_server_container_labels_traefik_rule: "Host(`{{ livekit_server_container_labels_traefik_hostname }}`){% if livekit_server_container_labels_traefik_path_prefix != '/' %} && PathPrefix(`{{ livekit_server_container_labels_traefik_path_prefix }}`){% endif %}"
livekit_server_container_labels_traefik_priority: 0
livekit_server_container_labels_traefik_entrypoints: web-secure
livekit_server_container_labels_traefik_tls: "{{ livekit_server_container_labels_traefik_entrypoints != 'web' }}"
livekit_server_container_labels_traefik_tls_certResolver: default  # noqa var-naming

# Controls whether labels will be added that expose metrics (see `livekit_server_metrics_proxying_enabled`)
livekit_server_container_labels_public_metrics_enabled: "{{ livekit_server_config_prometheus_enabled and livekit_server_metrics_proxying_enabled }}"
livekit_server_container_labels_public_metrics_traefik_path: "{{ livekit_server_metrics_proxying_path }}"
livekit_server_container_labels_public_metrics_traefik_rule: "Host(`{{ livekit_server_metrics_proxying_hostname }}`) && Path(`{{ livekit_server_container_labels_public_metrics_traefik_path }}`)"
livekit_server_container_labels_public_metrics_traefik_priority: 0
livekit_server_container_labels_public_metrics_traefik_entrypoints: "{{ livekit_server_container_labels_traefik_entrypoints }}"
livekit_server_container_labels_public_metrics_traefik_tls: "{{ livekit_server_container_labels_traefik_tls }}"
livekit_server_container_labels_public_metrics_traefik_tls_certResolver: "{{ livekit_server_container_labels_traefik_tls_certResolver }}"  # noqa var-naming
livekit_server_container_labels_public_metrics_middleware_basic_auth_enabled: false
# See: https://doc.traefik.io/traefik/reference/routing-configuration/http/middlewares/basicauth/
livekit_server_container_labels_public_metrics_middleware_basic_auth_users: ""

# livekit_server_container_labels_additional_labels contains a multiline string with additional labels to add to the container label file.
# See `../templates/labels.j2` for details.
# To add your own custom labels, use `livekit_server_container_labels_additional_labels_custom`
#
# Example:
# livekit_server_container_labels_additional_labels_custom:
#   - my.label=1
#   - another.label="here"
livekit_server_container_labels_additional_labels: "{{ livekit_server_container_labels_additional_labels_auto + livekit_server_container_labels_additional_labels_custom }}"
livekit_server_container_labels_additional_labels_auto: []
livekit_server_container_labels_additional_labels_custom: []

# A list of extra arguments to pass to the container (`docker create` command)
livekit_server_container_extra_arguments: "{{ livekit_server_container_extra_arguments_auto + livekit_server_container_extra_arguments_custom }}"
livekit_server_container_extra_arguments_auto: []
livekit_server_container_extra_arguments_custom: []

# Specifies the maximum size of the socket receive buffer (`net.core.rmem_max`) kernel parameter on the host (which will cascade into the container) to at least this value.
# If the host uses a larger value, this will be ignored.
#
# We intentionally increase these buffers to 7.5MB, to LiveKit Server happy.
# It may otherwise report something like:
# > rtcconfig/rtc_unix.go:31        UDP receive buffer is too small for a production set-up        {"current": 425984, "suggested": 5000000}
#
#
# The reason we apply this at the host level, not via `docker run --sysctl` is that
# the `docker run --sysctl` option doesn't seem to work here (likely because it's Alpine in the container or something):
# > Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: open /proc/sys/net/core/rmem_max: permission denied
# This same error is produced even if the container is started as root, with all capabilities, and `--privileged`, etc.
#
# If this is blank, no sysctl changes will be made.
livekit_server_host_sysctl_minimum_net_core_rmem_max: 7500000

# Specifies the maximum size of the socket send buffer (`net.core.wmem_max`) kernel parameter on the host (which will cascade into the container) to at least this value.
# If the host uses a larger value, this will be ignored.
#
# See the comment for `livekit_server_host_sysctl_minimum_net_core_rmem_max` for more details
# about why we need to increase these buffers.
#
# If this is blank, no sysctl changes will be made.
livekit_server_host_sysctl_minimum_net_core_wmem_max: 7500000

# List of systemd services that the LiveKit Server service depends on
livekit_server_systemd_required_services_list: "{{ livekit_server_systemd_required_services_list_default + livekit_server_systemd_required_services_list_auto + livekit_server_systemd_required_services_list_custom }}"
livekit_server_systemd_required_services_list_default: "{{ [devture_systemd_docker_base_docker_service_name] if devture_systemd_docker_base_docker_service_name else [] }}"
livekit_server_systemd_required_services_list_auto: []
livekit_server_systemd_required_services_list_custom: []

# List of systemd services that the LiveKit Server systemd service wants
livekit_server_systemd_wanted_services_list: "{{ livekit_server_systemd_wanted_services_list_default + livekit_server_systemd_wanted_services_list_auto + livekit_server_systemd_wanted_services_list_custom }}"
livekit_server_systemd_wanted_services_list_default: []
livekit_server_systemd_wanted_services_list_auto: []
livekit_server_systemd_wanted_services_list_custom: []

# Holds the final LiveKit Server configuration (a combination of the default and its extension).
# You most likely don't need to touch this variable. Instead, see `livekit_server_configuration_yaml` or `livekit_server_configuration_extension_yaml`.
livekit_server_configuration: "{{ livekit_server_configuration_yaml | from_yaml | combine(livekit_server_configuration_extension, recursive=True) }}"

# Default LiveKit Server configuration template which covers the generic use case.
# You can customize it by controlling the various variables inside it.
#
# For a more advanced customization, you can extend the default (see `livekit_server_configuration_extension_yaml`)
# or completely replace this variable with your own template.
livekit_server_configuration_yaml: "{{ lookup('template', 'templates/config.yaml.j2') }}"

livekit_server_configuration_extension_yaml: |
  # Your custom YAML configuration for LiveKit Server goes here.
  # This configuration extends the default starting configuration (`livekit_server_configuration_yaml`).
  #
  # You can override individual variables from the default configuration, or introduce new ones.
  #
  # If you need something more special, you can take full control by
  # completely redefining `livekit_server_configuration_yaml`.
  #
  # Example configuration extension follows:
  #
  # logging:
  #   level: debug

livekit_server_configuration_extension: "{{ livekit_server_configuration_extension_yaml | from_yaml if livekit_server_configuration_extension_yaml | from_yaml is mapping else {} }}"

# Controls the `port` configuration property.
# See: https://docs.livekit.io/home/self-hosting/ports-firewall/
livekit_server_config_port: 7880

# Controls the `bind_addresses` configuration property.
livekit_server_config_bind_addresses: ["::"]

# Specify the timezone
livekit_server_environment_variables_tz: UTC

# Additional environment variables.
livekit_server_environment_variables_additional_variables: ""

########################################################################################
#                                                                                      #
# Room                                                                                 #
#                                                                                      #
########################################################################################

# Controls the `room.auto_create` configuration property.
# (Allow rooms to be automatically created when participants join).
#
# This defaults to true based on upstream defaults.
# Ref: https://github.com/livekit/livekit/blob/5e483e7554e5afbf254acf84e3ec0aa6e108e758/config-sample.yaml#L168-L170
livekit_server_config_room_auto_create: true

########################################################################################
#                                                                                      #
# /Room                                                                                #
#                                                                                      #
########################################################################################

########################################################################################
#                                                                                      #
# RTC                                                                                  #
#                                                                                      #
########################################################################################

# Controls the `rtc.tcp_port` configuration property
# See: https://docs.livekit.io/home/self-hosting/ports-firewall/
livekit_server_config_rtc_tcp_port: 7881

# Controls the `rtc.port_range_start` configuration property.
# This must be defined together with `livekit_server_config_rtc_port_range_end`,
# or alternatively `livekit_server_config_rtc_udp_port` can be defined as a single port that handles all traffic.
# Example: 50100
# See: https://docs.livekit.io/home/self-hosting/ports-firewall/
livekit_server_config_rtc_port_range_start: ""

# Controls the `rtc.port_range_end` configuration property.
# This must be defined together with `livekit_server_config_rtc_port_range_start`,
# or alternatively `livekit_server_config_rtc_udp_port` can be defined as a single port that handles all traffic.
# Example: 50200
# See: https://docs.livekit.io/home/self-hosting/ports-firewall/
livekit_server_config_rtc_port_range_end: ""

# Controls the `rtc.udp_port` configuration property.
# As an alternative to this, one may define both `livekit_server_config_rtc_port_range_start` and `livekit_server_config_rtc_port_range_end`.
# Example: 7882
# See: https://docs.livekit.io/home/self-hosting/ports-firewall/
livekit_server_config_rtc_udp_port: 7882

# Controls the `rtc.use_external_ip` configuration property.
# When set to true, attempts to discover the host's public IP via STUN.
# This is useful for cloud environments such as AWS & Google where hosts have an internal IP that maps to an external one.
# Related to: `livekit_server_config_rtc_node_ip`
livekit_server_config_rtc_use_external_ip: true

# Controls the `rtc.node_ip` configuration property.
# This is the IP address sent to the client in case you cannot rely on external IP auto-detection.
# Related to `livekit_server_config_rtc_use_external_ip`
# See: https://github.com/livekit/livekit/issues/3747
livekit_server_config_rtc_node_ip: ""

########################################################################################
#                                                                                      #
# /RTC                                                                                 #
#                                                                                      #
########################################################################################

########################################################################################
#                                                                                      #
# TURN                                                                                 #
#                                                                                      #
########################################################################################

# Controls the `turn.enabled` configuration property.
# When set to true, enables TURN server.
livekit_server_config_turn_enabled: false

# Controls the `turn.domain` configuration property.
# Example: livekit.example.com
livekit_server_config_turn_domain: "{{ livekit_server_hostname }}"

# Controls the `turn.cert_file` configuration property.
# Path to the TLS certificate file in the container.
# Files on the host can be mounted into the container using `livekit_server_container_additional_volumes`.
livekit_server_config_turn_cert_file: ""

# Controls the `turn.key_file` configuration property.
# Path to the TLS key file in the container.
# Files on the host can be mounted into the container using `livekit_server_container_additional_volumes`.
livekit_server_config_turn_key_file: ""

# Controls the `turn.external_tls` configuration property.
livekit_server_config_turn_external_tls: false

# Controls the `turn.tls_port` configuration property.
# See: https://docs.livekit.io/home/self-hosting/ports-firewall/
livekit_server_config_turn_tls_port: 5349

# Controls the `turn.udp_port` configuration property.
# See: https://docs.livekit.io/home/self-hosting/ports-firewall/
livekit_server_config_turn_udp_port: 3478

########################################################################################
#                                                                                      #
# /TURN                                                                                #
#                                                                                      #
########################################################################################

########################################################################################
#                                                                                      #
# Prometheus                                                                           #
#                                                                                      #
########################################################################################

# When set to true, enables Prometheus metrics.
livekit_server_config_prometheus_enabled: false

# Controls the `prometheus.port` configuration property, which affects the metrics port (in the container) that LiveKit Server exposes.
livekit_server_config_prometheus_port: 8081

# Controls the `prometheus.username` configuration property.
# As an alternative, can configure authentication via `livekit_server_container_labels_public_metrics_middleware_basic_auth_users` as well.
livekit_server_config_prometheus_username: ""

# Controls the `prometheus.password` configuration property.
# As an alternative, can configure authentication via `livekit_server_container_labels_public_metrics_middleware_basic_auth_users` as well.
livekit_server_config_prometheus_password: ""

########################################################################################
#                                                                                      #
# /Prometheus                                                                          #
#                                                                                      #
########################################################################################

# Controls the `keys` configuration property.
livekit_server_config_keys: "{{ livekit_server_config_keys_auto | combine(livekit_server_config_keys_custom, recursive=True) }}"
livekit_server_config_keys_auto: {}
livekit_server_config_keys_custom: {}

########################################################################################
#                                                                                      #
# Limits                                                                               #
#                                                                                      #
########################################################################################

# Ref:
# - https://github.com/livekit/livekit/blob/46651c1978c8ae29d9b2d544b8b089c0960c9314/config-sample.yaml#L311-L330
# - https://github.com/livekit/livekit/blob/46651c1978c8ae29d9b2d544b8b089c0960c9314/pkg/config/config.go#L395-L401
# - for `num_tracks` and `bytes_per_sec`, the config-sample-yaml comments seem to be misleading. Defaults seem to be `0` in LiveKit code.

# Controls the `limit.num_tracks` configuration property.
# Set to -1 or 0 to disable the limit.
livekit_server_config_limit_num_tracks: 0

# Controls the `limit.bytes_per_sec` configuration property.
# Set to 0 to disable the limit.
livekit_server_config_limit_bytes_per_sec: 0

# Controls the `limit.subscription_limit_video` configuration property.
# How many video tracks a single participant can subscribe to at the same time.
# 0 means no limit.
livekit_server_config_limit_subscription_limit_video: 0

# Controls the `limit.subscription_limit_audio` configuration property.
# How many audio tracks a single participant can subscribe to at the same time.
# 0 means no limit.
livekit_server_config_limit_subscription_limit_audio: 0

# Controls the `limit.max_metadata_size` configuration property.
# Limit size of room and participant's metadata. 0 means no limit.
livekit_server_config_limit_max_metadata_size: 64000

# Controls the `limit.max_attributes_size` configuration property.
# Limit total size of all attributes on a participant. 0 means no limit.
livekit_server_config_limit_max_attributes_size: 64000

# Controls the `limit.max_room_name_length` configuration property.
# Limit length of room names. 0 means no limit.
livekit_server_config_limit_max_room_name_length: 256

# Controls the `limit.max_participant_identity_length` configuration property.
# Limit length of participant identity. 0 means no limit.
livekit_server_config_limit_max_participant_identity_length: 256

# Controls the `limit.max_participant_name_length` configuration property.
# Limit length of participant names. 0 means no limit.
livekit_server_config_limit_max_participant_name_length: 256

########################################################################################
#                                                                                      #
# /Limits                                                                              #
#                                                                                      #
########################################################################################

########################################################################################
#                                                                                      #
# Logging                                                                              #
#                                                                                      #
########################################################################################

# Controls the `logging.level` configuration property.
# Valid values: debug, info, warn, error
livekit_server_config_logging_level: info

# Controls the `logging.pion_level` configuration property
livekit_server_config_logging_pion_level: error

# Controls the `logging.json` configuration property.
# When set to true, emits json fields.
livekit_server_config_logging_json: false

# Controls the `logging.sample` configuration property.
# For production setups, enables sampling algorithm.
# See: https://github.com/uber-go/zap/blob/master/FAQ.md#why-sample-application-logs
livekit_server_config_logging_sample: false

########################################################################################
#                                                                                      #
# /Logging                                                                             #
#                                                                                      #
########################################################################################

# Controls whether LiveKitServer's metrics should be proxied (exposed) publicly via Traefik.
livekit_server_metrics_proxying_enabled: false
livekit_server_metrics_proxying_hostname: ""
livekit_server_metrics_proxying_path: /metrics/livekit-server

# livekit_server_restart_necessary controls whether the LiveKit Server systemd
# service will be restarted (when true) or merely started (when false) by the
# systemd service manager role (when conditional restart is enabled).
#
# This value is automatically computed during installation based on whether
# any configuration files, the systemd service file, or the container image changed.
# The default of `false` means "no restart needed" — appropriate when the role's
# installation tasks haven't run (e.g., due to --tags skipping them).
livekit_server_restart_necessary: false