feat(talk/turn/signaling/hpb): add role for Talk with backend services

inventories/demo-gymburgdorf/host_vars/turn/talk.yml

@@ -0,0 +1,23 @@
+# talk / HPB host_vars (collocated layout: same host runs coturn)
+# Place secrets at:
+#   playbooks/secrets/turn/talk_backend_secret    (mode 0600)
+#   playbooks/secrets/turn/talk_turn_secret       (mode 0600, == coturn_static_auth_secret)
+#   playbooks/secrets/turn/talk_session_hashkey   (mode 0600, openssl rand -hex 32)
+#   playbooks/secrets/turn/talk_session_blockkey  (mode 0600, openssl rand -hex 32)
+
+talk_domain: "signaling.digitalboard.ch"
+talk_internal_domain: "signaling.int.digitalboard.ch"
+
+talk_nextcloud_url: "https://cloud.digitalboard.ch"
+talk_nextcloud_extra_host_ip: "172.16.19.111"  # application backend IP
+
+# Janus media advertisement IP = the public IP of this (collocated) host
+talk_janus_public_ip: "193.43.183.74"           # same host as coturn
+
+# TURN config — matches coturn defaults on this host (3478/5349).
+# In a production deployment with coturn on 443, replace ports with :443.
+talk_turn_servers: "turns:stun.int.digitalboard.ch:5349?transport=tcp,turn:stun.int.digitalboard.ch:3478"
+talk_turn_realm: "stun.digitalboard.ch"
+
+talk_janus_stun_server: "stun.int.digitalboard.ch"
+talk_janus_stun_port: 5349