mirror of
https://github.com/spantaleev/matrix-docker-ansible-deploy.git
synced 2026-03-29 19:31:25 +03:00
138 lines
6.9 KiB
Plaintext
138 lines
6.9 KiB
Plaintext
# SOME DESCRIPTIVE TITLE.
|
|
# Copyright (C) 2018-2026, Slavi Pantaleev, Aine Etke, MDAD community members
|
|
# This file is distributed under the same license as the matrix-docker-ansible-deploy package.
|
|
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
|
|
#
|
|
#, fuzzy
|
|
msgid ""
|
|
msgstr ""
|
|
"Project-Id-Version: matrix-docker-ansible-deploy \n"
|
|
"Report-Msgid-Bugs-To: \n"
|
|
"POT-Creation-Date: 2026-03-23 07:10+0000\n"
|
|
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
|
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
|
"Language-Team: LANGUAGE <LL@li.org>\n"
|
|
"MIME-Version: 1.0\n"
|
|
"Content-Type: text/plain; charset=UTF-8\n"
|
|
"Content-Transfer-Encoding: 8bit\n"
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:8
|
|
msgid "Setting up LiveKit Server (optional)"
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:10
|
|
msgid "The playbook can install and configure [LiveKit Server](https://github.com/livekit/livekit) for you."
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:12
|
|
msgid "LiveKit Server is an open source project that provides scalable, multi-user conferencing based on WebRTC. It's designed to provide everything you need to build real-time video audio data capabilities in your applications."
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:14
|
|
msgid "💡 LiveKit Server is automatically installed and configured when either [Element Call](configuring-playbook-element-call.md) or the [Matrix RTC stack](configuring-playbook-matrix-rtc.md) is enabled, so you don't need to do anything extra."
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:16
|
|
msgid "The [Ansible role for LiveKit Server](https://github.com/mother-of-all-self-hosting/ansible-role-livekit-server) is developed and maintained by [the MASH (mother-of-all-self-hosting) project](https://github.com/mother-of-all-self-hosting). For details about configuring LiveKit Server, you can check them via:"
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:17
|
|
msgid "🌐 [the role's documentation at the MASH project](https://github.com/mother-of-all-self-hosting/ansible-role-livekit-server/blob/main/docs/configuring-livekit-server.md) online"
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:18
|
|
msgid "📁 `roles/galaxy/livekit_server/docs/configuring-livekit-server.md` locally, if you have [fetched the Ansible roles](installing.md#update-ansible-roles)"
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:20
|
|
msgid "Adjusting firewall rules"
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:22
|
|
msgid "To ensure LiveKit Server functions correctly, the following firewall rules and port forwarding settings are required:"
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:24
|
|
msgid "`7881/tcp`: ICE/TCP"
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:26
|
|
msgid "`7882/udp`: ICE/UDP Mux"
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:28
|
|
msgid "`3479/udp`: TURN/UDP. Also see the [Limitations](#limitations) section below."
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:30
|
|
msgid "`5350/tcp`: TURN/TCP. Also see the [Limitations](#limitations) section below."
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:32
|
|
msgid "`30000-30020/udp`: TURN relay range used by LiveKit's embedded TURN server."
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:34
|
|
msgid "💡 The suggestions above are inspired by the upstream [Ports and Firewall](https://docs.livekit.io/home/self-hosting/ports-firewall/) documentation based on how LiveKit is configured in the playbook. If you're using custom configuration for the LiveKit Server role, you may need to adjust firewall rules accordingly."
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:36
|
|
msgid "TURN TLS handling"
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:38
|
|
msgid "When `matrix_playbook_reverse_proxy_type` is `playbook-managed-traefik` (which is the default for this playbook), TURN over TCP is terminated by Traefik and forwarded to LiveKit with `turn.external_tls = true`. In this playbook default, this mode is enabled automatically when SSL is enabled and TURN is enabled."
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:40
|
|
msgid "The playbook installs a dedicated Traefik TCP entrypoint for TURN (`matrix-livekit-turn`) by default and binds it to `tcp/5350`."
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:41
|
|
msgid "`livekit_server_config_turn_external_tls` is automatically enabled for this setup."
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:42
|
|
msgid "Because Traefik handles TLS, LiveKit no longer needs certificate-file paths for TURN in this mode."
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:44
|
|
msgid "To opt out and keep TURN TLS termination in LiveKit itself, set:"
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:50
|
|
msgid "In this playbook, certificate paths are managed automatically via `group_vars/matrix_servers` when certificate dumping is enabled."
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:52
|
|
msgid "If your setup uses `other-traefik-container` or [another reverse-proxy](./configuring-playbook-own-webserver.md), behavior is unchanged by default and still relies on certificates being available inside the container as before."
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:54
|
|
msgid "Deployments using `other-traefik-container` can opt into the same Traefik-terminated mode there, by setting:"
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:62
|
|
msgid "and configuring their own Traefik TCP entrypoint dedicated to LiveKit TURN traffic."
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:64
|
|
msgid "Limitations"
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:66
|
|
msgid "LiveKit Server's TURN listener behavior depends on where TLS is terminated:"
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:68
|
|
msgid "Direct LiveKit TURN listeners (`livekit_server_config_turn_external_tls: false`) still use IPv4-only sockets for `3479/udp` and `5350/tcp`, so IPv6 connectivity to these endpoints is not possible."
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:69
|
|
msgid "With [TURN TLS handling](#turn-tls-handling) (`livekit_server_config_turn_external_tls: true`), the playbook's dedicated `matrix-livekit-turn` TCP entrypoint can still listen on both IPv4 and IPv6. Traefik then forwards TURN/TCP to LiveKit."
|
|
msgstr ""
|
|
|
|
#: ../../../docs/configuring-playbook-livekit-server.md:71
|
|
msgid "It appears that LiveKit Server intentionally only listens on `udp4` and `tcp4` in direct mode, as seen [here](https://github.com/livekit/livekit/blob/154b4d26b769c68a03c096124094b97bf61a996f/pkg/service/turn.go#L128) and [here](https://github.com/livekit/livekit/blob/154b4d26b769c68a03c096124094b97bf61a996f/pkg/service/turn.go#L92)."
|
|
msgstr ""
|