überarbeitetes workadventure setup

webserver/docker_workadventure/tasks/main.yml

@@ -2,7 +2,10 @@
 
 - include_tasks: ../functions/get_secret.yml
   with_items:
-    - { path: "/srv/{{servicename}}/admin_api_token",  length: 24 }
+    - { path: "/srv/coturn/coturn_username",  length: 16 }
+    - { path: "/srv/coturn/coturn_password",  length: 16 }
+    - { path: "/srv/{{servicename}}/admin_api_token",  length: 32 }
+    - { path: "/srv/{{servicename}}/secret_key",  length: 32 }
 
 - name: "create folder struct for {{servicename}}"
   file:
@@ -11,12 +14,20 @@
   with_items:
     - "/srv/{{servicename}}/"
 
-- name: create config file
+- name: create config files
   template:
     src: "{{ item }}"
     dest: "/srv/{{servicename}}/{{ item }}"
   with_items:
+    - .env
     - docker-compose.yml
+  register: config
+
+- name: "stop {{servicename}} docker"
+  docker_compose:
+    project_src: /srv/{{servicename}}/
+    state: absent
+  when: config.changed
 
 - name: "start {{servicename}} docker"
   docker_compose:

webserver/docker_workadventure/templates/.env

+####################################################################################################
+# Config from:
+# - https://github.com/thecodingmachine/workadventure/tree/develop/contrib/docker
+# - https://nazimboudeffa.medium.com/how-to-install-work-adventure-bddb3d13c2ba
+####################################################################################################
+
+# Docker Image Version Tag 
+VERSION_TAG=v1.6.1
+
+# The base domain
+DOMAIN={{domain}}
+
+# Debug
+DEBUG_MODE=false
+
+# Use Jitsi Server from @h3rb3rn with good privacy settings
+JITSI_URL=jitsi.dorf-post.de
+
+# If your Jitsi environment has authentication set up, you MUST set JITSI_PRIVATE_MODE to "true" and you MUST pass a SECRET_JITSI_KEY to generate the JWT secret
+JITSI_PRIVATE_MODE=false
+JITSI_ISS=
+SECRET_JITSI_KEY=
+
+# URL of the TURN server (needed to "punch a hole" through some networks for P2P connections)
+TURN_SERVER=turn:turn.warpzone.ms
+TURN_USER={{coturn_username}}
+TURN_PASSWORD={{coturn_password}}
+
+# The URL used by default, in the form: "/_/global/map/url.json"
+START_ROOM_URL=/_/global/gitlab.warpzone.ms/workadventure/warpzone/-/raw/master/maps/Floor0/floor0.json
+
+# Set to true to allow using this instance as a target for the apiUrl property
+FEDERATE_PUSHER=false
+
+# Server settings
+MAX_PER_GROUP=100
+MAX_USERNAME_LENGTH=25
+DISABLE_NOTIFICATIONS=false
+SKIP_RENDER_OPTIMIZATIONS=false
+
+# Secrets
+SECRET_KEY="{{secret_key}}"
+ADMIN_API_TOKEN="{{admin_api_token}}"
+ADMIN_API_URL=
+

webserver/docker_workadventure/templates/docker-compose.yml

@@ -3,74 +3,87 @@ version: "3.3"
 services:
 
   front:
-    image: thecodingmachine/workadventure-front:v1.6.1
+    image: thecodingmachine/workadventure-front:${VERSION_TAG}
     restart: always
     environment:
-      DEBUG_MODE: "false"
-      JITSI_URL: "jitsi.dorf-post.de"
-      JITSI_PRIVATE_MODE: "false"
-      ADMIN_URL: //{{domain}}
-      PUSHER_URL: //pusher.{{domain}}
-      ICON_URL: //icon.{{domain}}
-      TURN_SERVER: ""
-      TURN_USER: ""
-      TURN_PASSWORD: ""
-      START_ROOM_URL: "/_/global/gitlab.warpzone.ms/workadventure/warpzone/-/raw/master/maps/Floor0/floor0.json"
+      DEBUG_MODE: "${DEBUG_MODE}"
+      JITSI_URL: "${JITSI_URL}"
+      JITSI_PRIVATE_MODE: "${JITSI_PRIVATE_MODE}"
+      PUSHER_URL: "//pusher.${DOMAIN}"
+      ADMIN_URL: "//admin.${DOMAIN}"
+      ICON_URL: "//icon.${DOMAIN}"
+      TURN_SERVER: "${TURN_SERVER}"
+      TURN_USER: "${TURN_USER}"
+      TURN_PASSWORD: "${TURN_PASSWORD}"
+      MAX_PER_GROUP: "${MAX_PER_GROUP}"
+      MAX_USERNAME_LENGTH: "${MAX_USERNAME_LENGTH}"
+      START_ROOM_URL: "${START_ROOM_URL}"
+      DISABLE_NOTIFICATIONS: "${DISABLE_NOTIFICATIONS}"
+      SKIP_RENDER_OPTIMIZATIONS: "${SKIP_RENDER_OPTIMIZATIONS}"
     labels:
       - traefik.enable=true
-      - traefik.http.routers.{{ servicename }}-front.rule=Host(`play.{{domain}}`)
+      - traefik.http.routers.{{ servicename }}-front.rule=Host(`play.${DOMAIN}`)
       - traefik.http.routers.{{ servicename }}-front.entrypoints=websecure
       - traefik.http.services.{{ servicename }}-front.loadbalancer.server.port=80
     networks:
       - default      
       - web  
 
+    
   pusher:
-    image: thecodingmachine/workadventure-pusher:v1.6.1
+    image: thecodingmachine/workadventure-pusher:${VERSION_TAG}
     restart: always
     command: yarn run runprod
     environment:
-      SECRET_JITSI_KEY: ""
-      SECRET_KEY: yourSecretKey
+      SECRET_JITSI_KEY: "${SECRET_JITSI_KEY}"
+      SECRET_KEY: ${SECRET_KEY}
       API_URL: back:50051
-      FRONT_URL: https://play.{{domain}}
-      JITSI_URL: "jitsi.dorf-post.de"
-      JITSI_ISS: ""
+      ADMIN_API_URL: "${ADMIN_API_URL}"
+      ADMIN_API_TOKEN: "${ADMIN_API_TOKEN}"
+      JITSI_URL: ${JITSI_URL}
+      JITSI_ISS: ${JITSI_ISS}
+      FRONT_URL : "https://play.${DOMAIN}"
     labels:
       - traefik.enable=true
-      - traefik.http.routers.{{ servicename }}-pusher.rule=Host(`pusher.{{domain}}`)
+      - traefik.http.routers.{{ servicename }}-pusher.rule=Host(`pusher.${DOMAIN}`)
       - traefik.http.routers.{{ servicename }}-pusher.entrypoints=websecure
       - traefik.http.services.{{ servicename }}-pusher.loadbalancer.server.port=8080
     networks:
       - default      
       - web  
 
+
   back:
-    image: thecodingmachine/workadventure-back:v1.6.1
+    image: thecodingmachine/workadventure-back:${VERSION_TAG}
     restart: always
     command: yarn run runprod
     environment:
-      SECRET_JITSI_KEY: ""
-      ADMIN_API_TOKEN: "{{admin_api_token}}"
-      ADMIN_API_URL: "{{domain}}"
-      JITSI_URL: "jitsi.dorf-post.de"
-      JITSI_ISS: ""
-      REDIS_HOST: redis
+      SECRET_KEY: "${SECRET_KEY}"
+      STARTUP_COMMAND_1: "yarn install"
+      SECRET_JITSI_KEY: "${SECRET_JITSI_KEY}"
+      ADMIN_API_TOKEN: "${ADMIN_API_TOKEN}"
+      ADMIN_API_URL: "${ADMIN_API_URL}"
+      JITSI_URL: ${JITSI_URL}
+      JITSI_ISS: ${JITSI_ISS}
+      MAX_PER_GROUP: ${MAX_PER_GROUP}
+      TURN_STATIC_AUTH_SECRET: "${TURN_STATIC_AUTH_SECRET}"
+      REDIS_HOST: "redis"
     labels:
       - traefik.enable=true
-      - traefik.http.routers.{{ servicename }}-back.rule=Host(`back.{{domain}}`)
+      - traefik.http.routers.{{ servicename }}-back.rule=Host(`api.${DOMAIN}`)
       - traefik.http.routers.{{ servicename }}-back.entrypoints=websecure
       - traefik.http.services.{{ servicename }}-back.loadbalancer.server.port=8080
     networks:
       - default      
       - web  
 
+
   icon:
     image: matthiasluedtke/iconserver:v3.13.0
     restart: always
     labels:
       - traefik.enable=true
-      - traefik.http.routers.{{ servicename }}-icon.rule=Host(`icon.{{domain}}`)
+      - traefik.http.routers.{{ servicename }}-icon.rule=Host(`icon.${DOMAIN}`)
       - traefik.http.routers.{{ servicename }}-icon.entrypoints=websecure
       - traefik.http.services.{{ servicename }}-icon.loadbalancer.server.port=8080
     networks:
@@ -84,6 +97,7 @@ services:
     networks:
       - default      
 
+
 networks:
   web:
     external: true