#
# Cookbook:: kosmos-ejabberd
# Recipe:: coturn
#

apt_package 'coturn'

credentials = data_bag_item("credentials", "ejabberd")

template "/etc/turnserver.conf" do
  source "turnserver.conf.erb"
  mode 0644
  variables listening_port: node["ejabberd"]["stun_turn_port"],
            tls_listening_port: node["ejabberd"]["stun_turn_port"],
            listening_ip: node["ejabberd"]["turn_ip_address"],
            relay_ip: node["ejabberd"]["turn_ip_address"],
            min_port: node["ejabberd"]["turn_min_port"],
            max_port: node["ejabberd"]["turn_max_port"],
            static_auth_secret: credentials["stun_secret"],
            realm: node["ejabberd"]["stun_auth_realm"]
  notifies :restart, "service[coturn]", :delayed
end

firewall_rule 'ejabberd_stun_turn' do
  port     node["ejabberd"]["stun_turn_port"]
  protocol :udp
  command  :allow
end

firewall_rule 'ejabberd_turn' do
  port     node["ejabberd"]["turn_min_port"]..node["ejabberd"]["turn_max_port"]
  protocol :udp
  command  :allow
end

service "coturn" do
  action [:enable, :start]
end