---
cloud_apps: /opt
cloud_storage: /opt/storage
cloud_stage: prod
cloud_update: false

nextcloud_version: 23.0.1

www_group: www-data

ncloud_db:
  type: pgsql
  name: ncloud_db
  user: ncloud_dbu
  pass: ncloud_dbpw

ncloud_admin_user: "nc-admin"
ncloud_admin_pass: "nc-password"
ncloud_data_location: "{{ cloud_storage }}/nextcloud"
ncloud_npush_port: 7867

ncloud_domain:
  - my_domain.tld
ncloud_config:
  - key: default_phone_region
    value: "'DE'"


redis_port: 6379
redis_remote_url: ""


ncloud_coturn_pass: SomeRandomString
ncloud_coturn_port: 5349
ncloud_coturn_parallel_connection: 0 #0 is unlimited
ncloud_coturn_bandwitdh: 0 #0 B/s is unlimited
ncloud_coturn_session_lifetime: 600

ncloud_coturn_cert: "/etc/letsencrypt/live/{{ ncloud_domain[0] }}/fullchain.pem"
ncloud_coturn_pkey: "/etc/letsencrypt/live/{{ ncloud_domain[0] }}/privkey.pem"
ncloud_coturn_dhparam: "/etc/letsencrypt/ssl-dhparams.pem"

coturn_configs:
  - "tls-listening-port={{ ncloud_coturn_port }}"
  - fingerprint
  - use-auth-secret
  - "static-auth-secret={{ ncloud_coturn_pass }}"
  - "realm={{ ncloud_domain[0] }}"
  - "total-quota={{ ncloud_coturn_parallel_connection }}"
  - "bps-capacity={{ ncloud_coturn_bandwitdh }}"
  - "stale-nonce={{ ncloud_coturn_session_lifetime }}"
  - cipher-list=\“ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384\″
  - no-multicast-peers
  - no-tlsv1
  - no-tlsv1_1
  - no-stdout-log
  - "cert={{ ncloud_coturn_cert }}"
  - "pkey={{ ncloud_coturn_pkey }}"
  - "dh-file={{ ncloud_coturn_dhparam }}"