177 lines
5.7 KiB
YAML
177 lines
5.7 KiB
YAML
mumble_domain: "{{ inventory_hostname }}.local"
|
|
|
|
acme_enabled: no
|
|
acme_account_email: acme@example.com
|
|
acme_domains:
|
|
- name: "{{ mumble_domain }}"
|
|
hooks: |
|
|
{{ (
|
|
'systemctl reload nginx' if mumble_web_enabled else None,
|
|
'systemctl restart umurmur' if umurmur_enabled else None,
|
|
'systemctl restart mumble-server' if murmur_enabled else None
|
|
) | reject("none") | list }}
|
|
acme_config:
|
|
account:
|
|
private_key: "{{ acme_accounts_dir }}/acme_account.key"
|
|
email: "{{ acme_account_email }}"
|
|
directory_url: https://acme-v02.api.letsencrypt.org/directory
|
|
challenge_dir: /var/www/acme/.well-known/acme-challenge
|
|
domains: "{{ acme_domains }}"
|
|
|
|
mumble_web_enabled: no
|
|
mumble_web_domain: "{{ mumble_domain }}"
|
|
mumble_nginx_domains:
|
|
- "{{ mumble_web_domain }}"
|
|
mumble_web_owner: mumble-web
|
|
mumble_web_group: "{{ mumble_web_owner }}"
|
|
mumble_web_certificate: "{{ acme_certs_dir }}/{{ mumble_web_domain }}.d/{{ acme_enabled | ternary('fullchain','cert') }}.pem"
|
|
mumble_web_trusted_certificate: "{{ acme_certs_dir }}/{{ mumble_web_domain }}.d/chain.pem"
|
|
mumble_web_private_key: "{{ acme_keys_dir }}/{{ mumble_web_domain }}.key"
|
|
mumble_web_www_dir: /var/www/mumble-web
|
|
mumble_web_version: master
|
|
mumble_web_websockify_port: "64737"
|
|
|
|
mumble_web_nginx_enabled: yes
|
|
mumble_web_nginx_config_dir: /etc/nginx
|
|
mumble_web_nginx_generate_dhparam: yes
|
|
mumble_web_nginx_dhparam: "{{ mumble_web_nginx_config_dir }}/ssl/dhparam.pem"
|
|
mumble_web_nginx_dhparam_size: 2048
|
|
|
|
murmur_enabled: no
|
|
murmur_domain: "{{ mumble_domain }}"
|
|
murmur_superuser_password: supersecret
|
|
murmur_database:
|
|
path: "/var/lib/mumble-server/mumble-server.sqlite"
|
|
# driver: "QMYSQL"
|
|
# username: "mumble"
|
|
# password: "password"
|
|
# host: "localhost"
|
|
# port: 3306
|
|
# prefix: "murmur_"
|
|
murmur_ice_host: "127.0.0.1"
|
|
murmur_ice_port: 6502
|
|
# Give read permission on ICE connection. Empty secret will deny read permission to anybody.
|
|
murmur_ice_secret_read: "{{ lookup('password', '/tmp/murmur-ice-read.secret length=50') }}"
|
|
# Give write permission on ICE connection. Empty secret will deny write permission to anybody.
|
|
murmur_ice_secret_write: "{{ lookup('password', '/tmp/murmur-ice-write.secret length=50') }}"
|
|
|
|
murmur_autoban_attempts: 10
|
|
murmur_autoban_timeframe: 120
|
|
murmur_autoban_time: 300
|
|
murmur_log_file: "/var/log/mumble-server/mumble-server.log"
|
|
murmur_pid_file: "/var/run/mumble-server/mumble-server.pid"
|
|
murmur_welcome_text: "Welcome on the {{ inventory_hostname }} Mumble server!"
|
|
# Leave blank to let Murmur bind to all available addresses
|
|
murmur_host: ""
|
|
murmur_port: 64738
|
|
# Password to join the server
|
|
murmur_server_password: ""
|
|
murmur_max_bandwidth: 72000
|
|
murmur_max_users: 100
|
|
murmur_opus_threshold: 100
|
|
murmur_channel_nesting_limit: 10
|
|
murmur_channel_count_limit: 1000
|
|
# Regex to validate channel or usernames
|
|
# murmur_channel_name_regex: ""
|
|
# murmur_username_regex: ""
|
|
murmur_text_message_max_length: 5000
|
|
murmur_image_message_max_length: 131072
|
|
murmur_allow_html: yes
|
|
# Set to 0 to keep logs forever, or -1 to disable logging to the DB.
|
|
murmur_log_days: -1
|
|
# Name for root channel and entry in mumble main server list
|
|
murmur_register_enabled: no
|
|
murmur_register:
|
|
name: "MyMumbleServerRegisterName"
|
|
password: "password"
|
|
url: "https://mymumbleserverurl.org"
|
|
hostname: "mymumblehostname.domain.org"
|
|
# Enable Bonjour for dev purpose
|
|
murmur_bonjour_enabled: no
|
|
murmur_certificate: "{{ acme_certs_dir }}/{{ murmur_domain }}.d/{{ acme_enabled | ternary('fullchain', 'cert') }}.pem"
|
|
murmur_trusted_certificate: "{{ acme_certs_dir }}/{{ murmur_domain }}.d/chain.pem"
|
|
murmur_private_key: "{{ acme_keys_dir }}/{{ murmur_domain }}.key"
|
|
murmur_dhparam: "@ffdhe4096"
|
|
murmur_owner: "mumble-server"
|
|
murmur_group: "{{ murmur_owner }}"
|
|
murmur_client_certificate_required: no
|
|
murmur_send_server_version: yes
|
|
murmur_ice_warn_unknown_properties: yes
|
|
murmur_ice_message_size_max: 65536
|
|
murmur_channels:
|
|
- name: Root
|
|
description: Root channel. No entry.
|
|
groups:
|
|
admin:
|
|
inherit: yes
|
|
inheritable: yes
|
|
permissions:
|
|
- group: all
|
|
deny:
|
|
- Enter
|
|
recursive: no
|
|
enabled: yes
|
|
- group: all
|
|
allow:
|
|
- RegisterSelf
|
|
- MakeTempChannel
|
|
- group: admin
|
|
allow:
|
|
- MuteDeafen
|
|
- Move
|
|
- Kick
|
|
- Ban
|
|
- Register
|
|
- name: Welcome
|
|
parent: Root
|
|
description: Welcome channel
|
|
position: 0
|
|
isdefault: yes
|
|
- name: Silent
|
|
parent: Root
|
|
description: Silent channel
|
|
position: 1
|
|
permissions:
|
|
- group: all
|
|
deny:
|
|
- Speak
|
|
- MakeTempChannel
|
|
- group: admin
|
|
allow:
|
|
- MakeTempChannel
|
|
|
|
umurmur_enabled: no
|
|
umurmur_domain: "{{ mumble_domain }}"
|
|
umurmur_max_bandwidth: 48000
|
|
umurmur_max_users: 100
|
|
umurmur_server_password: ""
|
|
umurmur_channels:
|
|
- name: Root
|
|
description: Root channel. No entry.
|
|
noenter: yes
|
|
- name: Welcome
|
|
parent: Root
|
|
description: Welcome channel
|
|
position: 0
|
|
- name: Silent
|
|
parent: Root
|
|
description: Silent channel
|
|
silent: yes
|
|
position: 1
|
|
umurmur_default_channel: Welcome
|
|
umurmur_welcome_text: "Welcome on the {{ inventory_hostname }} Mumble server!"
|
|
umurmur_channel_links:
|
|
- source: "{{ umurmur_default_channel }}"
|
|
destinations: >-
|
|
{{ umurmur_channels
|
|
| selectattr('parent', 'defined')
|
|
| selectattr('parent', '==', umurmur_default_channel)
|
|
| map(attribute='name')
|
|
| list
|
|
}}
|
|
umurmur_ssl_group: "{{ acme_ssl_group }}"
|
|
umurmur_certificate: "{{ acme_certs_dir }}/{{ umurmur_domain }}.d/{{ acme_enabled | ternary('fullchain', 'cert') }}.pem"
|
|
umurmur_private_key: "{{ acme_keys_dir }}/{{ umurmur_domain }}.key"
|
|
umurmur_version: master
|
|
umurmur_port: 64738
|