Move TURN port to a different range

It landed on a port used by PostgreSQL. Also switch STUN/TURN to TCP because HAProxy does not support UDP. Closes #240
2020-11-25 16:28:13 +01:00 · 2020-11-25 16:28:13 +01:00 · 085bd8abd5
commit 085bd8abd5
parent 7636f6ed19
3 changed files with 5 additions and 5 deletions
--- a/site-cookbooks/kosmos-ejabberd/attributes/default.rb
+++ b/site-cookbooks/kosmos-ejabberd/attributes/default.rb
@ -1,7 +1,7 @@
 node.default["kosmos-ejabberd"]["version"] = "20.04"
 node.default["kosmos-ejabberd"]["checksum"] = "5377ff18960a399e661fa23f4a1d9f57c78d4579ed108c52b8f68e7cd9268868"
-node.default["kosmos-ejabberd"]["turn_min_port"] = 49152
+node.default["kosmos-ejabberd"]["turn_min_port"] = 50000
-node.default["kosmos-ejabberd"]["turn_max_port"] = 59152
+node.default["kosmos-ejabberd"]["turn_max_port"] = 55000
 node.override["tor"]["HiddenServices"]["ejabberd"] = {
  "HiddenServicePorts" => [
--- a/site-cookbooks/kosmos-ejabberd/recipes/default.rb
+++ b/site-cookbooks/kosmos-ejabberd/recipes/default.rb
@ -205,13 +205,13 @@ unless node.chef_environment == "development"
  firewall_rule 'ejabberd_stun_turn' do
    port     3478
-    protocol :udp
+    protocol :tcp
    command  :allow
  end
  firewall_rule 'ejabberd_turn' do
    port     node["kosmos-ejabberd"]["turn_min_port"]..node["kosmos-ejabberd"]["turn_max_port"]
-    protocol :udp
+    protocol :tcp
    command  :allow
  end
 end
--- a/site-cookbooks/kosmos-ejabberd/templates/ejabberd.yml.erb
+++ b/site-cookbooks/kosmos-ejabberd/templates/ejabberd.yml.erb
@ -76,7 +76,7 @@ listen:
    captcha: false
  -
    port: 3478
-    transport: udp
+    transport: tcp
    module: ejabberd_stun
    auth_realm: <%= @stun_auth_realm %>
    use_turn: true