1. 30 Nov, 2020 1 commit
  2. 03 Nov, 2020 1 commit
    • ulif's avatar
      Use own STUN server only. · fb820019
      ulif authored
      The freeswitch STUN server. normally enabled as primary STUN, seems to
      experience major problems. We now use only one STUN server, the own one.
      For the whole config this means, that we _have_ to provide an own STUN
      server, if google STUN is not an option, which it is not.
  3. 09 Oct, 2020 2 commits
  4. 06 Oct, 2020 5 commits
  5. 14 Jun, 2020 1 commit
  6. 11 Jun, 2020 2 commits
  7. 10 Jun, 2020 5 commits
  8. 07 Jun, 2020 2 commits
  9. 20 May, 2020 1 commit
  10. 16 May, 2020 1 commit
  11. 15 May, 2020 5 commits
    • ulif's avatar
      Make apply-config.sh run ansible. · 09f65c83
      ulif authored
      The new hosts.local inventory file acts as a replacement for the regular
      ansible inventory. It is meant to be used on BBB nodes that want to
      update local BBB config. With `hosts.local` we can put the local host
      into groups.
    • ulif's avatar
      Install also `ansible` on BBB hosts. · 7c8c6238
      ulif authored
      We would like to deploy ansible instead of simple shell scripts for
      configuring local installs. This might improve maintability of changed
      configurations after updates and the like. Main improvement is the
      idempotency of ansible scripts. Thus we can run configuration updates
      multiple times without messing up everything.
    • ulif's avatar
      In README tell about monitoring. · 1ebaeba9
      ulif authored
    • ulif's avatar
      Do not limit hosts in bbb-apply-config.yml. · f1d73902
      ulif authored
      In order to make the beforementioned file work on localhost and given
      the fact, that we do not want to keep a vault password on the server, we
      have to do this step.
    • ulif's avatar
      On apply-config, fix nginx config, part 1. · eec9cd91
      ulif authored
      Ensure, that port 80 requests are always redirected to 443. We do not
      want unencrypted traffic in videoconferencing.
  12. 13 May, 2020 5 commits
  13. 23 Apr, 2020 8 commits
    • ulif's avatar
      Add role `security`. · 48b4bd92
      ulif authored
      This role settles some basic sshd-related stuff. Contrary to our
      upstream we forbid root ssh completely.
      TODO: restrict allowed ciphers, etc.
      TODO: disable DSA host keys
    • ulif's avatar
      Add role `configure-bbb`. · 6e65ec54
      ulif authored
      Set config values specific for digitalcourage and store them so that
      they are reapplied after upgrades etc.
      Currently we set only the default video resolutions, we offer to
    • ulif's avatar
      Add role to prepare hosts. · f6ced63f
      ulif authored
      Includes setting up hostname, fix /etc/hosts entries and the like.
    • ulif's avatar
      Add playbook for COTURN setup. · 1efa4f4a
      ulif authored
      Monitoring still missing, but the basic install works.
    • ulif's avatar
      Add roles for updating boxes and COTURN install. · 25861cd0
      ulif authored
      We currently support Ubuntu and Debian, where Ubuntu is a no-brainer and
      Debian requires a bit of finetuning.
      The coturn role installs a standard coturn server with additional LE
      cert if requested.
      We normally need only one coturn server for many BBB boxes.
    • ulif's avatar
      Ignore log file. · 9a9d30e0
      ulif authored
    • ulif's avatar
      Update README, add basic maintenance. · b0fbf709
      ulif authored
      Also add a first playbook for checking the general ansible setup.
    • ulif's avatar
      Initial commit · 0b2d14a0
      ulif authored