Closed dimitrihof closed 2 years ago
I recently updates all my existing BBB nodes with the latest commit of this role. So I can't reproduce your problem.
Also you did not include your role variables
Your variables for this role - be sure to remove any sensitive information
- role: ansible-role-bigbluebutton
bbb_hostname: "{{ fqdn }}"
# bbb_state:
# bbb_apt_mirror:
bbb_letsencrypt_enable: "true"
bbb_letsencrypt_email: "xxxx"
# bbb_letsencrypt_api:
# bbb_nginx_privacy:
# bbb_nginx_listen_https:
# bbb_nginx_root:
# bbb_ssl_cert:
# bbb_ssl_key:
# bbb_own_cert:
# bbb_own_key:
# bbb_default_welcome_message: ""
bbb_default_welcome_message_footer: ""
# bbb_default_presentation:
# bbb_custom_presentation:
# bbb_custom_presentation_name:
# bbb_web_logouturl: ""
# bbb_allow_request_without_session:
bbb_coturn_enable: false
bbb_coturn_server: false
# bbb_coturn_port:
# bbb_coturn_port_tls:
bbb_coturn_secret: "{{ vault_turn_secret }}"
# bbb_coturn_min_port:
# bbb_coturn_max_port:
bbb_turn_enable: true
bbb_stun_servers:
- server: "{{ vault_turnserver }}"
- server: "{{ vault_turnserver }}:443"
- server: "{{ vault_fairkom_turnserver }}"
- server: "{{ vault_fairkom_turnserver }}:443"
# bbb_ice_servers:
bbb_turn_servers:
- server: "{{ vault_turnserver }}"
port: 3478?transport=udp
secret: "{{ vault_turn_secret }}"
tls: false
- server: "{{ vault_turnserver }}"
port: 443?transport=tcp
secret: "{{ vault_turn_secret }}"
tls: false
- server: "{{ vault_turnserver }}"
port: 5349?transport=tcp
secret: "{{ vault_turn_secret }}"
tls: true
- server: "{{ vault_fairkom_turnserver }}"
port: 3478?transport=udp
secret: "{{ vault_fairkom_turn_secret }}"
tls: false
- server: "{{ vault_fairkom_turnserver }}"
port: 443?transport=tcp
secret: "{{ vault_fairkom_turn_secret }}"
tls: false
- server: "{{ vault_fairkom_turnserver }}"
port: 5349?transport=tcp
secret: "{{ vault_fairkom_turn_secret }}"
tls: true
# bbb_greenlight_enable:
# bbb_greenlight_hosts:
# bbb_greenlight_image:
bbb_greenlight_secret: "{{ vault_greenlight_secret }}"
bbb_greenlight_db_password: "{{ vault_greenlight_db_password }}"
bbb_greenlight_default_registration: "invite"
bbb_greenlight_users:
- "{{ vault_greenlight_user }}"
bbb_allow_mail_notifications: "false"
# bbb_disable_recordings:
# bbb_api_demos_enable:
# bbb_client_log_enable:
# bbb_mute_on_start:
# bbb_app_log_level:
# bbb_meteor:
# bbb_nodejs_version:
# bbb_system_locale:
bbb_secret: "{{ vault_api_secret }}"
bbb_freeswitch_ipv6: false
# bbb_freeswitch_ip_address:
# bbb_freeswitch_external_ip:
# bbb_dialplan_quality:
# bbb_dialplan_energy_level: "100"
# bbb_dialplan_comfort_noise:
bbb_webhooks_enable: true
# bbb_check_for_running_meetings:
# bbb_monitoring_all_in_one_enable:
# bbb_monitoring_all_in_one_version:
# bbb_monitoring_all_in_one_port:
# bbb_monitoring_all_in_one_grafana:
# bbb_monitoring_all_in_one_prometheus:
# bbb_monitoring_recordings_from_disk:
# bbb_monitoring_external:
# bbb_monitoring_htpasswd_user:
# bbb_monitoring_htpasswd:
# bbb_monitoring_exporter_version:
# bbb_monitoring_systemd_enable:
# bbb_monitoring_systemd_directory:
# bbb_monitoring_systemd_port:
# bbb_monitoring_systemd_bind_ip:
# bbb_dialin_enabled:
# bbb_dialin_provider_proxy:
# bbb_dialin_provider_username:
# bbb_dialin_provider_password:
# bbb_dialin_provider_extension:
# bbb_dialin_default_number:
# bbb_dialin_mask_caller:
# bbb_dialin_default_play_and_get_digitsbbb_dialin_overwrite_footer:
# bbb_dialin_footer:
# bbb_guestpolicy:
# bbb_ntp_cron:
# bbb_ntp_cron_day:
# bbb_ntp_cron_hour:
# bbb_ntp_cron_minute:
# bbb_cron_history:
# bbb_cron_unrecorded_days:
# bbb_cron_published_days:
# bbb_cron_log_history:
# bbb_html5_node_options:
bbb_freeswitch_socket_password: "{{ vault_freeswitch_password }}"
bbb_html5_backend_processes: 3
bbb_html5_frontend_processes: 3
# bbb_container_compat:
# bbb_firewall_ufw:
# bbb_ufw_allow_networks_custom:
# bbb_ufw_reject_networks_custom:
bbb_ssh_port: xxxx
# bbb_max_file_size_upload:
# bbb_default_max_users:
# bbb_default_meeting_duration:
# bbb_max_num_pages:
# bbb_max_conversion_time:
# bbb_num_conversion_threads:
# bbb_num_file_processor_threads:
# bbb_freeswitch_muted_sound:
# bbb_freeswitch_unmuted_sound:
# bbb_breakout_rooms_enabled:
# bbb_breakout_rooms_record:
# bbb_breakout_rooms_privatechat_enabled:
# bbb_docker_compose_version:
# bbb_docker_passwd:
# bbb_docker_user:
The error must be somewhere here:
- name: configure IPv6-Support in freeswitch
block:
- name: configure listen-ip in event_socket.conf.xml
become: true
ansible.builtin.xml:
path: /opt/freeswitch/etc/freeswitch/autoload_configs/event_socket.conf.xml
xpath: '/configuration/settings/param[@name="listen-ip"]'
attribute: 'value'
value: "{{ '::' if bbb_freeswitch_ipv6 | bool else '127.0.0.1' }}"
notify: restart freeswitch
- name: stat ipv6 sip_profiles
ansible.builtin.stat:
path: "{{ item + '.disabled' if bbb_freeswitch_ipv6 | bool else item }}"
register: ipv6_sip_profiles
loop:
- /opt/freeswitch/etc/freeswitch/sip_profiles/external-ipv6.xml
- /opt/freeswitch/etc/freeswitch/sip_profiles/internal-ipv6.xml
loop_control:
label: "{{ item if bbb_freeswitch_ipv6 | bool else item + '.disabled' }}"
- name: manage ipv6 sip_profiles
become: true
ansible.builtin.command: |
mv
"{{ sip_profile.item + '.disabled' if bbb_freeswitch_ipv6 | bool else sip_profile.item }}"
"{{ sip_profile.item if bbb_freeswitch_ipv6 | bool else sip_profile.item + '.disabled' }}"
when: sip_profile.stat.exists
loop: "{{ ipv6_sip_profiles.results }}"
loop_control:
loop_var: sip_profile
label: "{{ sip_profile.item if bbb_freeswitch_ipv6 | bool else sip_profile.item + '.disabled' }}"
notify: restart freeswitch
shouldnt be sip.profile.stat.exist be ipv6_sip.profiles.stat.exist?
For some reason the *.disabled files are not created. I have to create them by hand and the scripts runs perfectly. So i guess the ipv6 profiles are not moved correctly and thus the check in the end fails.
huh I just checked my servers and I also don't have any .disabled
files in /opt/freeswitch/etc/freeswitch/sip_profiles/
.
This is odd indeed.
I have external-ipv6.xml_
and internal-ipv6.xml_
as files.
Hmmm.
The failing part is this - with message no command given
:
- name: manage ipv6 sip_profiles
become: true
ansible.builtin.command: |
mv
"{{ sip_profile.item + '.disabled' if bbb_freeswitch_ipv6 | bool else sip_profile.item }}"
"{{ sip_profile.item if bbb_freeswitch_ipv6 | bool else sip_profile.item + '.disabled' }}"
when: sip_profile.stat.exists
loop: "{{ ipv6_sip_profiles.results }}"
loop_control:
loop_var: sip_profile
label: "{{ sip_profile.item if bbb_freeswitch_ipv6 | bool else sip_profile.item + '.disabled' }}"
notify: restart freeswitch
Adding to that @d3hof you are correct, nothing does register: sip_profile
so this step is questionable at best.
I will have to wrap my head around this.
Question did you have IPv6 enabled first and then disabled it with the second run?
So was bbb_freeswitch_ipv6: true
prior to this run?
I think I did both. First on a server with ivp6 enabeld and then running the role on a new server.
But even with this soft failing it never failed the ansible-playbook
run for me.
@Davka is using IPv6 and SIP and told me everything works out of the box.
Still digging.
The point is it fails when you don't use ipv6.
@d3hof But it does not fail for me, and I do not use IPv6.
PLAY RECAP ***************************************************************************************************************************************************************************
meet.bbb.ansibletest.safeserver-support.de : ok=288 changed=177 unreachable=0 failed=0 skipped=431 rescued=0 ignored=0
ps: yes there are more steps then just the BBB role since I run other roles alongside for monitoring, security and more stuff.
And after another deploy the second run also no problem.
Hm that is actually weird.
So i checked again. And this error only happens if there was a run with ipv6: true before.
Ok that is something I can test again.
This week and my next week is filled by other projects. If someone else wants to verify this issue this would be great.
Otherwise I will do this as soon as I find the time.
@Davka @crosscodr
Hi all, I can do some tests about this today. One thing I noticed in your comments (@BrutalBirdie, @d3hof ):
- name: manage ipv6 sip_profiles
become: true
ansible.builtin.command: |
mv
"{{ sip_profile.item + '.disabled' if bbb_freeswitch_ipv6 | bool else sip_profile.item }}"
"{{ sip_profile.item if bbb_freeswitch_ipv6 | bool else sip_profile.item + '.disabled' }}"
when: sip_profile.stat.exists
loop: "{{ ipv6_sip_profiles.results }}"
loop_control:
loop_var: sip_profile
label: "{{ sip_profile.item if bbb_freeswitch_ipv6 | bool else sip_profile.item + '.disabled' }}"
notify: restart freeswitch
The use of sip_profile in when
clause is correct here, because this var is established with the loop_control: loop_var statements.
I made this to make the whole task clearer, esp. to make the command more readable.
By default, the loop var is named "item", so the command would say something like "mv {{ item.item
...", which is not meaningful at this position. Hence, I renamed the loop variable.
This has nothing to do with the problem, though.
Describe the bug Second run of role fails at manage ipv6 sip_profiles
To Reproduce run role twice on the same machine with ipv6 disbled
Expected behavior Running twice doesnt result in an error
Screenshots If applicable, add screenshots to help explain your problem. DO NOT USE SCREENSHOTS TO SHOW CODE! This makes the information inaccessible to visually impaired users.
Desktop information if needed (please complete the following information):
Your variables for this role - be sure to remove any sensitive information