[__coturn] Add support for common parameters and extra-config.

extra-config allows for any complex setup to be defined and managed by the type
user.
evilham 2020-05-15 22:12:52 +02:00
parent 45f601c911
commit 61bd5b5958
7 changed files with 80 additions and 20 deletions


@ -157,8 +157,8 @@ cat << EOF
# Lower and upper bounds of the UDP relay endpoints:
# (default values are 49152 and 65535)
#
min-port=49152
max-port=65535
min-port=$MIN_PORT
max-port=$MAX_PORT
# Uncomment to run TURN server in 'normal' 'moderate' verbose mode.
# By default the verbose mode is off.
@ -437,7 +437,15 @@ cat << EOF
# Uncomment if no UDP relay endpoints are allowed.
# By default UDP relay endpoints are enabled (like in RFC 5766).
#
#no-udp-relay
EOF
if [ "$NO_UDP_RELAY" ]; then
echo 'no-udp-relay'
else
echo '#no-udp-relay'
fi
cat << EOF
# Uncomment if no TCP relay endpoints are allowed.
# By default TCP relay endpoints are enabled (like in RFC 6062).
@ -445,7 +453,7 @@ cat << EOF
EOF
if [ "$NO_TCP_RELAY" ]; then
echo 'no-tcp-releay'
echo 'no-tcp-relay'
else
echo '#no-tcp-relay'
fi
@ -781,3 +789,10 @@ cat << EOF
#no-tlsv1_1
#no-tlsv1_2
EOF
if [ -n "$EXTRA_CONFIG" ]; then
cat <<EOF
# Extra configuration (overrides any previous settings)
$EXTRA_CONFIG
EOF
fi
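Review bot: The comment emitted ahead of `$EXTRA_CONFIG` in the last hunk promises more than appending can deliver, because "overrides any previous settings" holds only for options where the last value wins. Options that may be given several times (this type documents the peer allow and deny lists that way) would presumably accumulate rather than be replaced, and a flag such as `no-udp-relay` written earlier cannot be undone by a later line, so an operator trusting the comment could end up with a different relay policy than intended. I would word it as `# Extra configuration (appended verbatim; does not remove settings emitted above)`. The heredoc expands `$EXTRA_CONFIG` once and does not re-evaluate its content, which is the right behaviour for verbatim text.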


@ -8,8 +8,7 @@ cdist-type__coturn - Install and configure a coturn TURN server
DESCRIPTION
-----------
This (singleton) type install and configure a coturn TURN
server.
This (singleton) type installs and configures a coturn TURN server.
REQUIRED PARAMETERS
@ -20,36 +19,54 @@ None.
OPTIONAL PARAMETERS
-------------------
static_auth_secret
Secret used to access the TURN REST API.
Secret used to access the TURN REST API.
realm
Defailt realm.
Default realm.
allowed-peer
Allow specific ip addresses or ranges of ip addresses. Can be specified multiple times.
Allow specific IP addresses or ranges of IP addresses. Can be specified multiple times.
denied-peer
Ban specific ip addresses or ranges of ip addresses. Can be specified multiple times.
Ban specific IP addresses or ranges of IP addresses. Can be specified multiple times.
cert
Path to certificate file. Absolute or relative
Path to certificate file. Absolute or relative. Use PEM file format.
pkey
Patch to privaty key file. Use PEM file format.
Patch to private key file. Use PEM file format.
min-port
Lower bound of the UDP port range for relay endpoints allocation.
Default value is 49152, according to RFC 5766.
max-port
Upper bound of the UDP port range for relay endpoints allocation.
Default value is 65535, according to RFC 5766.
extra-config
This will be appended verbatim to the end of `coturn.conf`, use this for more
complex setups where the parameters exposed by this type are not enough.
If its value is `-`, stdin will be used.
BOOLEAN PARAMETERS
------------------
use-auth-secret
Allows TURN credentials to be accounted for a specific user id.
Allows TURN credentials to be accounted for a specific user id.
no-tcp-relay
Disable TCP relay endpoints.
Disable TCP relay endpoints.
no-udp-relay
Disable UDP relay endpoints.
no-tls
Disable TLS listener.
Disable TLS listener.
no-dtls
Disable DTLS listener.
Disable DTLS listener.
EXAMPLES
--------
@ -60,6 +77,15 @@ EXAMPLES
--realm turn.domain.tld \
--no_tcp_relay
__coturn \
--realm turn.domain.tld \
--extra-config '-' <<EOF
# Debug logging
Verbose
# Use a redis database
redis-userdb="ip=[::1] dbname=coturn password=secret port=6379 connect_timeout=2"
EOF
SEE ALSO
--------


@ -59,6 +59,10 @@ if [ -f "$__object/parameter/no-tcp-relay" ]; then
export NO_TCP_RELAY=1
fi
if [ -f "$__object/parameter/no-udp-relay" ]; then
export NO_UDP_RELAY=1
fi
if [ -f "$__object/parameter/allowed-peer" ]; then
ALLOWED_PEERS=$(cat "$__object/parameter/allowed-peer")
export ALLOWED_PEERS
@ -84,13 +88,22 @@ if [ -f "$__object/parameter/pkey" ]; then
export PKEY
fi
if [ -f "$__object/parameter/extra-config" ]; then
EXTRA_CONFIG=$(cat $__object/parameter/extra-config)
if [ "$EXTRA_CONFIG" = "-" ]; then
EXTRA_CONFIG=$(cat "$__object/stdin")
fi
export EXTRA_CONFIG
fi
export MIN_PORT=$(cat "$__object/parameter/min-port")
export MAX_PORT=$(cat "$__object/parameter/max-port")
# Generate and deploy configuration file.
mkdir -p "$__object/files"
"$__type/files/turnserver.conf.sh" > "$__object/files/turnserver.conf"
require="__package/coturn" __file $coturn_config \
--source "$__object/files/turnserver.conf" \
--owner turnserver
# Restart coturn server.
require="__file/$coturn_config" __service coturn --action restart
--owner turnserver \
--onchange 'service coturn restart'
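Review bot: The generated turnserver.conf is deployed with `--owner turnserver` but no explicit mode, although it can now carry credentials from extra-config (the man page example puts a redis password there) and presumably the static auth secret as well. Unless the default of `__file` is already restrictive, I would add `--mode 0600 \` next to the owner line and set a restrictive umask before writing `$__object/files/turnserver.conf` on the config host. Separately, `$(cat $__object/parameter/extra-config)` leaves the path unquoted while the other reads quote it, and `export MIN_PORT=$(cat ...)` hides a failed cat behind export's exit status; `MIN_PORT=$(cat "$__object/parameter/min-port")` followed by `export MIN_PORT` would match the pattern already used for ALLOWED_PEERS. The port values are also passed on without checking that they are numeric and that min-port does not exceed max-port.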


@ -1,4 +1,5 @@
use-auth-secret
no-tcp-relay
no-udp-relay
no-tls
no-dtls


@ -0,0 +1 @@
65535


@ -0,0 +1 @@
49152


@ -2,3 +2,6 @@ static-auth-secret
realm
cert
pkey
min-port
max-port
extra-config