begin Talk HPB implementation

2025-11-05 03:26:32 +01:00
7 changed files with 17 additions and 62 deletions
--- a/.env.sample
+++ b/.env.sample
@ -1,5 +1,5 @@
 TYPE=nextcloud
-#TIMEOUT=900
+TIMEOUT=900
 ENABLE_AUTO_UPDATE=true
 ENABLE_BACKUPS=true

--- a/README.md
+++ b/README.md
@ -26,7 +26,6 @@ Fully automated luxury Nextcloud via docker-swarm.
 ### Onlyoffice Integration

 `abra app config <app-name>` 
-
 Configure the following envs:
 ```
 COMPOSE_FILE="$COMPOSE_FILE:compose.apps.yml"
@ -34,13 +33,12 @@ ONLYOFFICE_URL=https://onlyoffice.example.com
 SECRET_ONLYOFFICE_JWT_VERSION=v1
 ```

-* `abra app secret insert <app-name> onlyoffice_jwt v1 <jwt_secret>`
-* `abra app cmd <app-name> app install_onlyoffice`
+`abra app secret insert <app-name> onlyoffice_jwt v1 <jwt_secret>`
+`abra app cmd <app-name> app install_onlyoffice`

 ### BBB Integration

 `abra app config <app-name>` 
-
 Configure the following envs:
 ```
 COMPOSE_FILE="$COMPOSE_FILE:compose.apps.yml"
@ -48,44 +46,8 @@ BBB_URL=https://talk.example.org/bigbluebutton/ # trailing slash!
 SECRET_BBB_SECRET_VERSION=v1
 ```

-* `abra app secret insert <app-name> bbb_secret v1 <bbb_secret>`
-* `abra app cmd <app-name> app install_bbb`
-
-### Nextcloud Talk High performance Backend
-
-Note: at the moment you are limited to run one Nextcloud high performance backend per docker host with this setup.
-
-`abra app config <app-name>` 
-
-Configure the following envs:
-```
-#COMPOSE_FILE="$COMPOSE_FILE:compose.talk.yml"
-#TALK_DOMAIN=talk.example.com
-#SECRET_TALK_INTERNAL_SECRET_VERSION=v1 # length=64 charset=default
-#SECRET_TALK_TURN_SECRET_VERSION=v1 # length=64 charset=default
-#SECRET_TALK_SIGNALING_SECRET_VERSION=v1 # length=64 charset=default
-```
-
-* `abra app secret insert <app-name> talk_internal_secret v1 <talk_internal_secret>`
-* `abra app secret insert <app-name> talk_turn_secret v1 <talk_turn_secret>`
-* `abra app secret insert <app-name> talk_signaling_secret v1 <talk_signaling_secret>`
-* `abra app cmd <app-name> app install_talk`
-
-Don't forget to enable the additional env's in your hosts traefik instance:
-```
-COMPOSE_FILE="$COMPOSE_FILE:compose.nextcloud-talk-hpb.yml"
-NEXTCLOUD_TALK_HPB_ENABLED=1
-```
-
-Due to a bug in compose that deletes duplacted ports without checking for the protocol, traefik need to get the additional udp binding added after the deployment via ssh (this might take longer than expected!):
-```
-docker service update  --publish-add published=3478,target=3478,protocol=udp traefik_XXX_XXX_app
-```
-
-To check if tcp and udp was binded, you can use:
-```
-docker service inspect traefik_XXX_XXX_app | grep 3478 -a2
-```
+`abra app secret insert <app-name> bbb_secret v1 <bbb_secret>`
+`abra app cmd <app-name> app install_bbb`

 ### Authentik Integration

--- a/abra.sh
+++ b/abra.sh
@ -97,16 +97,15 @@ install_whiteboard() {
    set_app_config whiteboard jwt_secret_key "$(cat /run/secrets/whiteboard_jwt)"
 }

-
 install_talk() {
    install_apps spreed
    run_occ "talk:signaling:add --verify 'wss://${TALK_DOMAIN}' '$(cat /run/secrets/talk_signaling_secret)'"
    run_occ "talk:stun:add '${TALK_DOMAIN}:3478'"
-    run_occ "talk:stun:add '${TALK_DOMAIN}:443'"
    run_occ "talk:turn:add --secret='$(cat /run/secrets/talk_turn_secret)' turn '${TALK_DOMAIN}:3478' udp,tcp"

 }

+
 install_fulltextsearch() {
    install_apps fulltextsearch
    install_apps fulltextsearch_elasticsearch
--- a/compose.fulltextsearch.yml
+++ b/compose.fulltextsearch.yml
@ -29,7 +29,7 @@ services:
        mode: 0600

  searchindexer:
-    image: nextcloud:32.0.3-fpm
+    image: nextcloud:31.0.6-fpm
    volumes:
      - nextcloud:/var/www/html/
      - nextapps:/var/www/html/custom_apps:cached
--- a/compose.talk.yml
+++ b/compose.talk.yml
@ -2,7 +2,7 @@ version: "3.8"

 services:
  talk:
-    image: "nextcloud/aio-talk:20251128_084214"
+    image: "nextcloud/aio-talk:20251031_122139"
    environment:
      - NC_DOMAIN=${DOMAIN}
      - TALK_HOST=${TALK_DOMAIN}
@ -19,13 +19,7 @@ services:
        - traefik.http.routers.${STACK_NAME}_talk.rule=Host(`${TALK_DOMAIN}`)
        - traefik.http.routers.${STACK_NAME}_talk.entrypoints=web-secure
        - traefik.http.routers.${STACK_NAME}_talk.tls.certresolver=${LETS_ENCRYPT_ENV}
-        - traefik.tcp.routers.${STACK_NAME}_nextcloud-talk-hpb.rule=HostSNI(`*`)
-        - traefik.tcp.routers.${STACK_NAME}_nextcloud-talk-hpb.entrypoints=nextcloud-talk-hpb
-        - traefik.tcp.routers.${STACK_NAME}_nextcloud-talk-hpb.service=${STACK_NAME}_nextcloud-talk-hpb-svc
-        - traefik.tcp.services.${STACK_NAME}_nextcloud-talk-hpb-svc.loadbalancer.server.port=3478
-        - traefik.udp.routers.${STACK_NAME}_nextcloud-talk-hpb-udp.entrypoints=nextcloud-talk-hpb-udp
-        - traefik.udp.routers.${STACK_NAME}_nextcloud-talk-hpb-udp.service=${STACK_NAME}_nextcloud-talk-hpb-udp-svc
-        - traefik.udp.services.${STACK_NAME}_nextcloud-talk-hpb-udp-svc.loadbalancer.server.port=3478
+
    networks:
      - proxy
    configs:
--- a/compose.whiteboard.yml
+++ b/compose.whiteboard.yml
@ -6,7 +6,7 @@ services:
      - whiteboard_jwt

  whiteboard:
-    image: ghcr.io/nextcloud-releases/whiteboard:v1.5.0
+    image: ghcr.io/nextcloud-releases/whiteboard:v1.1.2
    deploy:
      labels:
        - traefik.enable=true
--- a/compose.yml
+++ b/compose.yml
@ -1,7 +1,7 @@
 version: "3.8"
 services:
  web:
-    image: nginx:1.29.4
+    image: nginx:1.29.0
    depends_on:
      - app
    configs:
@ -41,14 +41,14 @@ services:
        - "caddy.reverse_proxy={{upstreams 80}}"
        - "caddy.tls.on_demand="
    healthcheck:
-      test: ["CMD-SHELL", "curl -fsS http://localhost/status.php | grep -q '\"installed\":true'"]
+      test: ["CMD-SHELL", 'curl -s -N curl -Ns localhost/status.php |  grep "installed\":true"']
      interval: 30s
      timeout: 10s
      retries: 10
      start_period: 5m

  app:
-    image: nextcloud:32.0.3-fpm
+    image: nextcloud:31.0.6-fpm
    depends_on:
      - db
    configs:
@ -95,8 +95,8 @@ services:
        failure_action: rollback
        order: start-first
      labels:
-        - "coop-cloud.${STACK_NAME}.version=13.0.1+32.0.3-fpm"
-        - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT}"
+        - "coop-cloud.${STACK_NAME}.version=12.0.1+31.0.6-fpm"
+        - "coop-cloud.${STACK_NAME}.timeout=${TIMEOUT:-120}"
        - "backupbot.backup=${ENABLE_BACKUPS:-true}"
        - "backupbot.backup.volumes.redis=false"
       #- "backupbot.backup.volumes.nextcloud=false"
@ -109,7 +109,7 @@ services:
      start_period: 15m

  cron:
-    image: nextcloud:32.0.3-fpm
+    image: nextcloud:31.0.6-fpm
    volumes:
      - nextcloud:/var/www/html/
      - nextapps:/var/www/html/custom_apps:cached
@ -125,7 +125,7 @@ services:


  cache:
-    image: redis:8.4.0-alpine
+    image: redis:8.0.2-alpine
    networks:
      - internal
    volumes: