
#
# Cookbook:: kosmos-ejabberd
# Recipe:: coturn
#
# Install the coturn TURN/STUN server package.
apt_package "coturn"

# Hostname used for the TLS certificate request and for the certificate and
# key paths written into turnserver.conf.
domain = node["ejabberd"]["turn_domain"]

# Data bag item with the ejabberd credentials; its "stun_secret" entry is
# passed to the turnserver.conf template.
# NOTE(review): confirm this item is stored as an encrypted data bag, since it
# carries a shared secret.
credentials = data_bag_item("credentials", "ejabberd")
# Request a TLS certificate for the TURN hostname through the cookbook's
# tls_cert_for resource.
# NOTE(review): presumably "gandi_dns" selects a DNS-based challenge via Gandi
# and the result lands under /etc/letsencrypt/live/<domain>/ -- confirm against
# the resource definition.
tls_cert_for domain do
  auth "gandi_dns"
  action :create
end
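# Render the coturn configuration from turnserver.conf.erb.
#
# The rendered file contains the shared secret taken from the credentials data
# bag (static_auth_secret), so it is restricted to root and the service group
# instead of being world-readable, and marked sensitive so Chef does not print
# the rendered content or its diff in run output and logs.
# NOTE(review): assumes the "turnserver" group created by the Debian/Ubuntu
# coturn package and that the daemon runs as a member of it -- confirm on the
# target platform.
# NOTE(review): the daemon also needs read access to the privkey.pem path
# passed below; confirm how that is granted without widening key permissions.
template "/etc/turnserver.conf" do
  source "turnserver.conf.erb"
  owner "root"
  group "turnserver"
  mode "0640"
  sensitive true
  variables listening_port: node["ejabberd"]["stun_turn_port"],
            tls_listening_port: node["ejabberd"]["stun_turn_port_tls"],
            listening_ip: node["ipaddress"],
            relay_ip: node["ipaddress"],
            min_port: node["ejabberd"]["turn_min_port"],
            max_port: node["ejabberd"]["turn_max_port"],
            realm: node["ejabberd"]["stun_auth_realm"],
            static_auth_secret: credentials["stun_secret"],
            cert: "/etc/letsencrypt/live/#{domain}/fullchain.pem",
            pkey: "/etc/letsencrypt/live/#{domain}/privkey.pem"
  # Restart once at the end of the run so the new configuration is picked up.
  notifies :restart, "service[coturn]", :delayed
end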
# Allow inbound traffic to the plain STUN/TURN listener. Only UDP is opened
# for this port.
firewall_rule "ejabberd_stun_turn" do
  port node["ejabberd"]["stun_turn_port"]
  protocol :udp
  command :allow
end

# Allow inbound traffic to the TLS listener. Only TCP is opened for this port.
firewall_rule "ejabberd_stun_turn_tls" do
  port node["ejabberd"]["stun_turn_port_tls"]
  protocol :tcp
  command :allow
end

# Allow inbound UDP on the whole relay port range (the same min/max values the
# template receives). No source restriction is set here, so keep the range as
# narrow as the expected number of concurrent relays allows.
relay_ports = node["ejabberd"]["turn_min_port"]..node["ejabberd"]["turn_max_port"]
firewall_rule "ejabberd_turn" do
  port relay_ports
  protocol :udp
  command :allow
end
# Enable coturn at boot and make sure it is running. This resource is also the
# target of the delayed restart notification sent by the turnserver.conf
# template.
service "coturn" do
  action %i[enable start]
end