Disable turns when Let's Encrypt is used
Supersedes https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1145
This commit is contained in:
parent
935967f3a6
commit
8b146f083e
|
@ -1474,7 +1474,7 @@ matrix_postgres_additional_databases: |
|
||||||
'username': matrix_prometheus_postgres_exporter_database_username,
|
'username': matrix_prometheus_postgres_exporter_database_username,
|
||||||
'password': matrix_prometheus_postgres_exporter_database_password,
|
'password': matrix_prometheus_postgres_exporter_database_password,
|
||||||
}] if (matrix_prometheus_postgres_exporter_enabled and matrix_prometheus_postgres_exporter_database_hostname == 'matrix-postgres') else [])
|
}] if (matrix_prometheus_postgres_exporter_enabled and matrix_prometheus_postgres_exporter_database_hostname == 'matrix-postgres') else [])
|
||||||
|
|
||||||
}}
|
}}
|
||||||
|
|
||||||
matrix_postgres_import_roles_to_ignore: |
|
matrix_postgres_import_roles_to_ignore: |
|
||||||
|
@ -1671,16 +1671,23 @@ matrix_synapse_email_notif_from: "Matrix <{{ matrix_mailer_sender_address }}>"
|
||||||
|
|
||||||
# Even if TURN doesn't support TLS (it does by default),
|
# Even if TURN doesn't support TLS (it does by default),
|
||||||
# it doesn't hurt to try a secure connection anyway.
|
# it doesn't hurt to try a secure connection anyway.
|
||||||
|
#
|
||||||
|
# When Let's Encrypt certificates are used (the default case),
|
||||||
|
# we don't enable `turns` endpoints, because WebRTC in Element can't talk to them.
|
||||||
|
# Learn more here: https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1145
|
||||||
matrix_synapse_turn_uris: |
|
matrix_synapse_turn_uris: |
|
||||||
{{
|
{{
|
||||||
|
[]
|
||||||
|
+
|
||||||
[
|
[
|
||||||
'turns:' + matrix_server_fqn_matrix + '?transport=udp',
|
'turns:' + matrix_server_fqn_matrix + '?transport=udp',
|
||||||
'turns:' + matrix_server_fqn_matrix + '?transport=tcp',
|
'turns:' + matrix_server_fqn_matrix + '?transport=tcp',
|
||||||
|
] if matrix_coturn_enabled and matrix_ssl_retrieval_method != 'lets-encrypt' else []
|
||||||
|
+
|
||||||
|
[
|
||||||
'turn:' + matrix_server_fqn_matrix + '?transport=udp',
|
'turn:' + matrix_server_fqn_matrix + '?transport=udp',
|
||||||
'turn:' + matrix_server_fqn_matrix + '?transport=tcp',
|
'turn:' + matrix_server_fqn_matrix + '?transport=tcp',
|
||||||
]
|
] if matrix_coturn_enabled else []
|
||||||
if matrix_coturn_enabled
|
|
||||||
else []
|
|
||||||
}}
|
}}
|
||||||
|
|
||||||
matrix_synapse_turn_shared_secret: "{{ matrix_coturn_turn_static_auth_secret if matrix_coturn_enabled else '' }}"
|
matrix_synapse_turn_shared_secret: "{{ matrix_coturn_turn_static_auth_secret if matrix_coturn_enabled else '' }}"
|
||||||
|
|
Loading…
Reference in a new issue