kosmos/chef
8
3
Fork 0
Code Issues 33 Pull Requests Projects 2 Activity

Configure TURN properly

Browse Source 
Was missing a couple of necessary properties, and is now using an
explicit port range for TURN, and opening those ports in UFW.
This commit is contained in:
Basti
2020-05-02 14:07:14 +02:00
parent 0bcb2597e8
commit 4448ec2173
3 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
site-cookbooks/kosmos-ejabberd/recipes/default.rb
View File

@@ -154,7 +154,11 @@ template "/opt/ejabberd/conf/ejabberd.yml" do
sensitive true
variables pgsql_password: postgresql_data_bag_item['ejabberd_user_password'],
hosts: hosts,
admin_users: admin_users
admin_users: admin_users,
stun_auth_realm: "kosmos.org",
turn_ip_address: node['ipaddress'],
turn_min_port: node["kosmos-ejabberd"]["turn_min_port"],
turn_max_port: node["kosmos-ejabberd"]["turn_max_port"]
notifies :run, "execute[ejabberdctl reload_config]", :delayed
end
@@ -206,6 +210,12 @@ unless node.chef_environment == "development"
protocol :udp
command :allow
end
firewall_rule 'ejabberd_turn' do
port node["kosmos-ejabberd"]["turn_min_port"]..node["kosmos-ejabberd"]["turn_max_port"]
protocol :udp
command :allow
end
end
#