mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2025-10-18 02:09:43 +02:00
Adjust LiveKit Server ports and exposure
This commit is contained in:
Slavi Pantaleev
@@ -31,18 +31,17 @@ livekit_server_container_additional_networks: "{{ livekit_server_container_addit
|
||||
livekit_server_container_additional_networks_auto: []
|
||||
livekit_server_container_additional_networks_custom: []
|
||||
|
||||
# Controls whether the LiveKit Server container exposes its RCT TCP port (`livekit_server_config_rtc_tcp_port`)
|
||||
#
|
||||
# Takes an "<ip>:<port>" or "<port>" value (e.g. "127.0.0.1:5349"), or empty string to not expose.
|
||||
livekit_server_container_rtc_tcp_host_bind_port: "{{ livekit_server_config_rtc_tcp_port if livekit_server_container_network != 'host' else '' }}"
|
||||
|
||||
# Controls whether the LiveKit Server container exposes its RTC UDP port range and which interface to do it on.
|
||||
# Controls whether the LiveKit Server container exposes its RTC ports and which interface to do it on.
|
||||
#
|
||||
# Takes an interface "<ip address>" (e.g. "127.0.0.1"), or empty string to listen on all interfaces.
|
||||
# Takes a null/none value (`~`) or 'none' (as a string) to prevent listening.
|
||||
livekit_server_container_rtc_listen_interface: "{{ '' if livekit_server_container_network != 'host' else 'none' }}"
|
||||
|
||||
# Controls whether the LiveKit Server container exposes its TURN ports and which interface to do it on.
|
||||
#
|
||||
# The UDP port-range itself is specified using `livekit_server_config_rtc_port_range_start` and `livekit_server_config_rtc_port_range_end`.
|
||||
livekit_server_container_rtc_range_listen_interface: "{{ '' if livekit_server_container_network != 'host' else 'none' }}"
|
||||
# Takes an interface "<ip address>" (e.g. "127.0.0.1"), or empty string to listen on all interfaces.
|
||||
# Takes a null/none value (`~`) or 'none' (as a string) to prevent listening.
|
||||
livekit_server_container_turn_listen_interface: "{{ '' if livekit_server_container_network != 'host' else 'none' }}"
|
||||
|
||||
livekit_server_container_image_self_build: false
|
||||
livekit_server_container_repo: "https://github.com/livekit/livekit.git"
|
||||
@@ -178,22 +177,89 @@ livekit_server_configuration_extension_yaml: |
|
||||
livekit_server_configuration_extension: "{{ livekit_server_configuration_extension_yaml | from_yaml if livekit_server_configuration_extension_yaml | from_yaml is mapping else {} }}"
|
||||
|
||||
# Controls the `port` configuration property.
|
||||
# See: https://docs.livekit.io/home/self-hosting/ports-firewall/
|
||||
livekit_server_config_port: 7880
|
||||
|
||||
########################################################################################
|
||||
# #
|
||||
# RTC #
|
||||
# #
|
||||
########################################################################################
|
||||
|
||||
# Controls the `rtc.tcp_port` configuration property
|
||||
# See: https://docs.livekit.io/home/self-hosting/ports-firewall/
|
||||
livekit_server_config_rtc_tcp_port: 7881
|
||||
|
||||
# Controls the `rtc.port_range_start` configuration property
|
||||
livekit_server_config_rtc_port_range_start: 50100
|
||||
# Controls the `rtc.port_range_start` configuration property.
|
||||
# This must be defined together with `livekit_server_config_rtc_port_range_end`,
|
||||
# or alternatively `livekit_server_config_rtc_udp_port` can be defined as a single port that handles all traffic.
|
||||
# Example: 50100
|
||||
# See: https://docs.livekit.io/home/self-hosting/ports-firewall/
|
||||
livekit_server_config_rtc_port_range_start: ''
|
||||
|
||||
# Controls the `rtc.port_range_end` configuration property
|
||||
livekit_server_config_rtc_port_range_end: 50120
|
||||
# Controls the `rtc.port_range_end` configuration property.
|
||||
# This must be defined together with `livekit_server_config_rtc_port_range_start`,
|
||||
# or alternatively `livekit_server_config_rtc_udp_port` can be defined as a single port that handles all traffic.
|
||||
# Example: 50200
|
||||
# See: https://docs.livekit.io/home/self-hosting/ports-firewall/
|
||||
livekit_server_config_rtc_port_range_end: ''
|
||||
|
||||
# Controls the `rtc.udp_port` configuration property.
|
||||
# As an alternative to this, one may define both `livekit_server_config_rtc_port_range_start` and `livekit_server_config_rtc_port_range_end`.
|
||||
# Example: 7882
|
||||
# See: https://docs.livekit.io/home/self-hosting/ports-firewall/
|
||||
livekit_server_config_rtc_udp_port: 7882
|
||||
|
||||
# Controls the `rtc.use_external_ip` configuration property.
|
||||
# When set to true, attempts to discover the host's public IP via STUN.
|
||||
# This is useful for cloud environments such as AWS & Google where hosts have an internal IP that maps to an external one.
|
||||
livekit_server_config_rtc_use_external_ip: true
|
||||
|
||||
########################################################################################
|
||||
# #
|
||||
# /RTC #
|
||||
# #
|
||||
########################################################################################
|
||||
|
||||
########################################################################################
|
||||
# #
|
||||
# TURN #
|
||||
# #
|
||||
########################################################################################
|
||||
|
||||
# Controls the `turn.enabled` configuration property.
|
||||
# When set to true, enables TURN server.
|
||||
livekit_server_config_turn_enabled: false
|
||||
|
||||
# Controls the `turn.domain` configuration property.
|
||||
# Example: livekit.example.com
|
||||
livekit_server_config_turn_domain: "{{ livekit_server_hostname }}"
|
||||
|
||||
# Controls the `turn.cert_file` configuration property.
|
||||
# Path to the TLS certificate file.
|
||||
livekit_server_config_turn_cert_file: ''
|
||||
|
||||
# Controls the `turn.key_file` configuration property.
|
||||
# Path to the TLS key file.
|
||||
livekit_server_config_turn_key_file: ''
|
||||
|
||||
# Controls the `turn.external_tls` configuration property.
|
||||
livekit_server_config_turn_external_tls: false
|
||||
|
||||
# Controls the `turn.tls_port` configuration property.
|
||||
# See: https://docs.livekit.io/home/self-hosting/ports-firewall/
|
||||
livekit_server_config_turn_tls_port: 5349
|
||||
|
||||
# Controls the `turn.udp_port` configuration property.
|
||||
# See: https://docs.livekit.io/home/self-hosting/ports-firewall/
|
||||
livekit_server_config_turn_udp_port: 3478
|
||||
|
||||
########################################################################################
|
||||
# #
|
||||
# /TURN #
|
||||
# #
|
||||
########################################################################################
|
||||
|
||||
# Controls the `keys` configuration property.
|
||||
livekit_server_config_keys: "{{ livekit_server_config_keys_auto | combine(livekit_server_config_keys_custom, recursive=True) }}"
|
||||
livekit_server_config_keys_auto: {}
|
||||
|
||||
@@ -16,3 +16,16 @@
|
||||
- {'name': 'livekit_server_identifier', when: true}
|
||||
- {'name': 'livekit_server_uid', when: true}
|
||||
- {'name': 'livekit_server_gid', when: true}
|
||||
- {'name': 'livekit_server_config_turn_domain', when: "{{ livekit_server_config_turn_enabled | bool }}"}
|
||||
- {'name': 'livekit_server_config_turn_cert_file', when: "{{ livekit_server_config_turn_enabled | bool }}"}
|
||||
- {'name': 'livekit_server_config_turn_key_file', when: "{{ livekit_server_config_turn_enabled | bool }}"}
|
||||
|
||||
- name: Fail if LiveKit Server port range configuration is invalid
|
||||
ansible.builtin.fail:
|
||||
msg: >
|
||||
You need to either define both port range settings (livekit_server_config_rtc_port_range_start and livekit_server_config_rtc_port_range_end)
|
||||
or define a single UDP port (livekit_server_config_rtc_udp_port).
|
||||
when: >
|
||||
(livekit_server_config_rtc_port_range_start | string | length > 0 and livekit_server_config_rtc_port_range_end | string | length == 0) or
|
||||
(livekit_server_config_rtc_port_range_start | string | length == 0 and livekit_server_config_rtc_port_range_end | string | length > 0) or
|
||||
(livekit_server_config_rtc_port_range_start | string | length == 0 and livekit_server_config_rtc_port_range_end | string | length == 0 and livekit_server_config_rtc_udp_port | string | length == 0)
|
||||
|
||||
@@ -1,3 +1,5 @@
|
||||
#jinja2: lstrip_blocks: "True"
|
||||
|
||||
port: {{ livekit_server_config_port | int | to_json }}
|
||||
|
||||
bind_addresses:
|
||||
@@ -5,18 +7,31 @@ bind_addresses:
|
||||
|
||||
rtc:
|
||||
tcp_port: {{ livekit_server_config_rtc_tcp_port | int | to_json }}
|
||||
|
||||
{% if livekit_server_config_rtc_udp_port %}
|
||||
udp_port: {{ livekit_server_config_rtc_udp_port | int | to_json }}
|
||||
{% endif %}
|
||||
|
||||
{% if livekit_server_config_rtc_port_range_start %}
|
||||
port_range_start: {{ livekit_server_config_rtc_port_range_start | int | to_json }}
|
||||
{% endif %}
|
||||
|
||||
{% if livekit_server_config_rtc_port_range_end %}
|
||||
port_range_end: {{ livekit_server_config_rtc_port_range_end | int | to_json }}
|
||||
{% endif %}
|
||||
|
||||
use_external_ip: {{ livekit_server_config_rtc_use_external_ip | to_json }}
|
||||
|
||||
turn:
|
||||
enabled: false
|
||||
domain: localhost
|
||||
cert_file: ""
|
||||
key_file: ""
|
||||
tls_port: 5349
|
||||
udp_port: 443
|
||||
external_tls: true
|
||||
enabled: {{ livekit_server_config_turn_enabled | to_json }}
|
||||
{% if livekit_server_config_turn_enabled %}
|
||||
domain: {{ livekit_server_config_turn_domain | to_json }}
|
||||
cert_file: {{ livekit_server_config_turn_cert_file | to_json }}
|
||||
key_file: {{ livekit_server_config_turn_key_file | to_json }}
|
||||
tls_port: {{ livekit_server_config_turn_tls_port | int | to_json }}
|
||||
udp_port: {{ livekit_server_config_turn_udp_port | int | to_json }}
|
||||
external_tls: {{ livekit_server_config_turn_external_tls | to_json }}
|
||||
{% endif %}
|
||||
|
||||
keys: {{ livekit_server_config_keys | to_json }}
|
||||
|
||||
|
||||
@@ -19,11 +19,20 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
|
||||
--user={{ livekit_server_uid }}:{{ livekit_server_gid }} \
|
||||
--cap-drop=ALL \
|
||||
--network={{ livekit_server_container_network }} \
|
||||
{% if livekit_server_container_rtc_tcp_host_bind_port != '' %}
|
||||
-p {{ livekit_server_container_rtc_tcp_host_bind_port }}:{{ livekit_server_config_rtc_tcp_port }} \
|
||||
{% if livekit_server_container_rtc_listen_interface is not in [none, 'none'] %}
|
||||
-p {{ livekit_server_container_rtc_listen_interface }}{{ ':' if livekit_server_container_rtc_listen_interface else '' }}{{ livekit_server_config_rtc_tcp_port }}:{{ livekit_server_config_rtc_tcp_port }} \
|
||||
{% endif %}
|
||||
{% if livekit_server_container_rtc_range_listen_interface is not in [none, 'none'] %}
|
||||
-p {{ livekit_server_container_rtc_range_listen_interface }}{{ ':' if livekit_server_container_rtc_range_listen_interface else '' }}{{ livekit_server_config_rtc_port_range_start }}-{{ livekit_server_config_rtc_port_range_end }}:{{ livekit_server_config_rtc_port_range_start }}-{{ livekit_server_config_rtc_port_range_end }}/udp \
|
||||
{% if livekit_server_container_rtc_listen_interface is not in [none, 'none'] and livekit_server_config_rtc_port_range_start and livekit_server_config_rtc_port_range_end %}
|
||||
-p {{ livekit_server_container_rtc_listen_interface }}{{ ':' if livekit_server_container_rtc_listen_interface else '' }}{{ livekit_server_config_rtc_port_range_start }}-{{ livekit_server_config_rtc_port_range_end }}:{{ livekit_server_config_rtc_port_range_start }}-{{ livekit_server_config_rtc_port_range_end }}/udp \
|
||||
{% endif %}
|
||||
{% if livekit_server_container_rtc_listen_interface is not in [none, 'none'] and livekit_server_config_rtc_udp_port %}
|
||||
-p {{ livekit_server_container_rtc_listen_interface }}{{ ':' if livekit_server_container_rtc_listen_interface else '' }}{{ livekit_server_config_rtc_udp_port }}:{{ livekit_server_config_rtc_udp_port }}/udp \
|
||||
{% endif %}
|
||||
{% if livekit_server_container_turn_listen_interface is not in [none, 'none'] and livekit_server_config_turn_enabled %}
|
||||
-p {{ livekit_server_container_turn_listen_interface }}{{ ':' if livekit_server_container_turn_listen_interface else '' }}{{ livekit_server_config_turn_tls_port }}:{{ livekit_server_config_turn_tls_port }} \
|
||||
{% endif %}
|
||||
{% if livekit_server_container_turn_listen_interface is not in [none, 'none'] and livekit_server_config_turn_enabled %}
|
||||
-p {{ livekit_server_container_turn_listen_interface }}{{ ':' if livekit_server_container_turn_listen_interface else '' }}{{ livekit_server_config_turn_udp_port }}:{{ livekit_server_config_turn_udp_port }} \
|
||||
{% endif %}
|
||||
--mount type=bind,src={{ livekit_server_config_path }}/config.yaml,dst=/livekit-config.yaml,ro \
|
||||
--label-file={{ livekit_server_base_path }}/labels \
|
||||
|
||||
Reference in New Issue
Block a user