okhsunrog
379f1a2782
- Enable both TURN (port 3478) and TURNS (port 5349) for maximum client compatibility - Add recommended coturn settings: stale-nonce, unlimited quotas - Remove deprecated 'warn' parameter from shell task - Add comprehensive tags to all roles in site.yml for selective deployment - Remove redundant update playbooks (replaced by tags functionality) - Update README with detailed tags documentation and common workflows - Update coturn documentation with correct Nextcloud configuration - Add coturn_static_secret and wireguard server keys to vault example |
||
|---|---|---|
| .. | ||
| coturn-setup.md | ||
| README.md | ||
Cloud Forge Documentation
Documentation for the cloud-forge infrastructure automation project.
Available Guides
- Coturn Setup Guide - Complete guide for deploying and configuring Coturn (TURN/STUN) server for Nextcloud Talk
Quick Links
Project Structure
- Main playbook:
site.yml - Inventory:
inventory.yml - Variables:
group_vars/all/vars.yml - Encrypted secrets:
group_vars/all/vault.yml - Ansible configuration:
ansible.cfg
Common Commands
Deploy full stack:
ansible-playbook site.yml
Update VPN users only:
ansible-playbook update_vpn_users.yml
Edit vault secrets:
ansible-vault edit group_vars/all/vault.yml
Infrastructure Components
- VPN Services: OpenConnect (ocserv), WireGuard, AmneziaWG
- Web Proxies: HAProxy, Nginx with SSL termination
- Communication: Coturn (TURN/STUN for Nextcloud Talk)
- Security: Fail2ban, iptables firewall
- Certificates: Let's Encrypt via certbot
Adding New Documentation
When adding new components or features, create a new markdown file in this directory and link it in this README.