From 3e71a789e123ac7c6c2b67293bba39837f763041 Mon Sep 17 00:00:00 2001 From: szaimen <42591237+szaimen@users.noreply.github.com> Date: Thu, 21 Aug 2025 12:04:43 +0000 Subject: [PATCH 1/2] talk-update automated change Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- Containers/talk/server.conf.in | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/Containers/talk/server.conf.in b/Containers/talk/server.conf.in index 85630d5a..8f437e30 100644 --- a/Containers/talk/server.conf.in +++ b/Containers/talk/server.conf.in @@ -84,7 +84,8 @@ internalsecret = the-shared-secret-for-internal-clients # For backend type "etcd": # Key prefix of backend entries. All keys below will be watched and assumed to # contain a JSON document with the following entries: -# - "url": Url of the Nextcloud instance. +# - "urls": List of urls of the Nextcloud instance. +# - "url": Url of the Nextcloud instance (deprecated). # - "secret": Shared secret for requests from and to the backend servers. # # Additional optional entries: @@ -93,8 +94,8 @@ internalsecret = the-shared-secret-for-internal-clients # - "sessionlimit": Number of sessions that are allowed to connect. # # Example: -# "/signaling/backend/one" -> {"url": "https://nextcloud.domain1.invalid", ...} -# "/signaling/backend/two" -> {"url": "https://domain2.invalid/nextcloud", ...} +# "/signaling/backend/one" -> {"urls": ["https://nextcloud.domain1.invalid"], ...} +# "/signaling/backend/two" -> {"urls": ["https://domain2.invalid/nextcloud"], ...} #backendprefix = /signaling/backend # Allow any hostname as backend endpoint. This is extremely insecure and should @@ -122,8 +123,8 @@ connectionsperhost = 8 # Backend configurations as defined in the "[backend]" section above. The # section names must match the ids used in "backends" above. #[backend-id] -# URL of the Nextcloud instance -#url = https://cloud.domain.invalid +# Comma-separated list of urls of the Nextcloud instance +#urls = https://cloud.domain.invalid # Shared secret for requests from and to the backend servers. Leave empty to use # the common shared secret from above. @@ -143,8 +144,8 @@ connectionsperhost = 8 #maxscreenbitrate = 2097152 #[another-backend] -# URL of the Nextcloud instance -#url = https://cloud.otherdomain.invalid +# Comma-separated list of urls of the Nextcloud instance +#urls = https://cloud.otherdomain.invalid # Shared secret for requests from and to the backend servers. Leave empty to use # the common shared secret from above. @@ -179,6 +180,13 @@ connectionsperhost = 8 # proxy server that is used. #maxscreenbitrate = 2097152 +# List of IP addresses / subnets that are allowed to be used by clients in +# candidates. The allowed list has preference over the blocked list below. +#allowedcandidates = 10.0.0.0/8 + +# List of IP addresses / subnets to filter from candidates received by clients. +#blockedcandidates = 1.2.3.0/24 + # For type "proxy": timeout in seconds for requests to the proxy server. #proxytimeout = 2 From 423ba1cc3c34269abbb09192bc3e3ccd2e374f76 Mon Sep 17 00:00:00 2001 From: "Simon L." Date: Fri, 22 Aug 2025 13:51:35 +0200 Subject: [PATCH 2/2] talk: update script to use the new urls syntax Signed-off-by: Simon L. --- Containers/talk/start.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Containers/talk/start.sh b/Containers/talk/start.sh index b07f5bc9..f89949f3 100644 --- a/Containers/talk/start.sh +++ b/Containers/talk/start.sh @@ -98,7 +98,7 @@ connectionsperhost = 8 skipverify = ${SKIP_CERT_VERIFY} [backend-1] -url = https://${NC_DOMAIN} +urls = https://${NC_DOMAIN} secret = ${SIGNALING_SECRET} maxstreambitrate = ${TALK_MAX_STREAM_BITRATE} maxscreenbitrate = ${TALK_MAX_SCREEN_BITRATE}