[__coturn] Add support for common parameters and extra-config.

extra-config allows for any complex setup to be defined and managed by the type user.
2020-05-15 22:12:52 +02:00 · 2020-05-15 22:12:52 +02:00 · 61bd5b5958
commit 61bd5b5958
parent 45f601c911
7 changed files with 80 additions and 20 deletions
--- a/type/__coturn/files/turnserver.conf.sh
+++ b/type/__coturn/files/turnserver.conf.sh
@ -157,8 +157,8 @@ cat << EOF
 # Lower and upper bounds of the UDP relay endpoints:
 # (default values are 49152 and 65535)
 #
-min-port=49152
-max-port=65535
+min-port=$MIN_PORT
+max-port=$MAX_PORT

 # Uncomment to run TURN server in 'normal' 'moderate' verbose mode.
 # By default the verbose mode is off.
@ -437,7 +437,15 @@ cat << EOF
 # Uncomment if no UDP relay endpoints are allowed.
 # By default UDP relay endpoints are enabled (like in RFC 5766).
 #
-#no-udp-relay
+EOF
+
+if [ "$NO_UDP_RELAY" ]; then
+    echo 'no-udp-relay'
+else
+    echo '#no-udp-relay'
+fi
+
+cat << EOF

 # Uncomment if no TCP relay endpoints are allowed.
 # By default TCP relay endpoints are enabled (like in RFC 6062).
@ -445,7 +453,7 @@ cat << EOF
 EOF

 if [ "$NO_TCP_RELAY" ]; then
-    echo 'no-tcp-releay'
+    echo 'no-tcp-relay'
 else
    echo '#no-tcp-relay'
 fi
@ -781,3 +789,10 @@ cat << EOF
 #no-tlsv1_1
 #no-tlsv1_2
 EOF
+
+if [ -n "$EXTRA_CONFIG" ]; then
+    cat <<EOF
+# Extra configuration (overrides any previous settings)
+$EXTRA_CONFIG
+EOF
+fi
--- a/type/__coturn/man.rst
+++ b/type/__coturn/man.rst
@ -8,8 +8,7 @@ cdist-type__coturn - Install and configure a coturn TURN server

 DESCRIPTION
 -----------
-This (singleton) type install and configure a coturn TURN
-server.
+This (singleton) type installs and configures a coturn TURN server.


 REQUIRED PARAMETERS
@ -20,36 +19,54 @@ None.
 OPTIONAL PARAMETERS
 -------------------
 static_auth_secret
-  Secret used to access the TURN REST API.
+    Secret used to access the TURN REST API.

 realm
-  Defailt realm.
+    Default realm.

 allowed-peer
-    Allow specific ip addresses or ranges of ip addresses. Can be specified multiple times.
+    Allow specific IP addresses or ranges of IP addresses. Can be specified multiple times.

 denied-peer
-    Ban specific ip addresses or ranges of ip addresses. Can be specified multiple times.
+    Ban specific IP addresses or ranges of IP addresses. Can be specified multiple times.

 cert
-    Path to certificate file. Absolute or relative 
+    Path to certificate file. Absolute or relative. Use PEM file format.

 pkey
-    Patch to privaty key file. Use PEM file format.
+    Patch to private key file. Use PEM file format.
+
+min-port
+    Lower bound of the UDP port range for relay endpoints allocation.
+    Default value is 49152, according to RFC 5766.
+
+max-port
+    Upper bound of the UDP port range for relay endpoints allocation.
+    Default value is 65535, according to RFC 5766.
+
+extra-config
+    This will be appended verbatim to the end of `coturn.conf`, use this for more
+    complex setups where the parameters exposed by this type are not enough.
+    If its value is `-`, stdin will be used.
+

 BOOLEAN PARAMETERS
 ------------------
 use-auth-secret
-  Allows TURN credentials to be accounted for a specific user id.
+    Allows TURN credentials to be accounted for a specific user id.

 no-tcp-relay
-  Disable TCP relay endpoints.
+    Disable TCP relay endpoints.
+
+no-udp-relay
+    Disable UDP relay endpoints.

 no-tls
-  Disable TLS listener.
+    Disable TLS listener.

 no-dtls
-  Disable DTLS listener.
+    Disable DTLS listener.
+

 EXAMPLES
 --------
@ -60,6 +77,15 @@ EXAMPLES
      --realm turn.domain.tld \
      --no_tcp_relay

+    __coturn \
+      --realm turn.domain.tld \
+      --extra-config '-' <<EOF
+    # Debug logging
+    Verbose
+    # Use a redis database
+    redis-userdb="ip=[::1] dbname=coturn password=secret port=6379 connect_timeout=2"
+    EOF
+

 SEE ALSO
 --------
--- a/type/__coturn/manifest
+++ b/type/__coturn/manifest
@ -59,6 +59,10 @@ if [ -f "$__object/parameter/no-tcp-relay" ]; then
    export NO_TCP_RELAY=1
 fi

+if [ -f "$__object/parameter/no-udp-relay" ]; then
+    export NO_UDP_RELAY=1
+fi
+
 if [ -f "$__object/parameter/allowed-peer" ]; then
    ALLOWED_PEERS=$(cat "$__object/parameter/allowed-peer")
    export ALLOWED_PEERS
@ -84,13 +88,22 @@ if [ -f "$__object/parameter/pkey" ]; then
    export PKEY
 fi

+if [ -f "$__object/parameter/extra-config" ]; then
+    EXTRA_CONFIG=$(cat $__object/parameter/extra-config)
+    if [ "$EXTRA_CONFIG" = "-" ]; then
+        EXTRA_CONFIG=$(cat "$__object/stdin")
+    fi
+    export EXTRA_CONFIG
+fi
+
+export MIN_PORT=$(cat "$__object/parameter/min-port")
+export MAX_PORT=$(cat "$__object/parameter/max-port")
+
 # Generate and deploy configuration file.
 mkdir -p "$__object/files"
 "$__type/files/turnserver.conf.sh" > "$__object/files/turnserver.conf"

 require="__package/coturn" __file $coturn_config \
  --source "$__object/files/turnserver.conf" \
-  --owner turnserver
-
-# Restart coturn server.
-require="__file/$coturn_config" __service coturn --action restart
+  --owner turnserver \
+  --onchange 'service coturn restart'
--- a/type/__coturn/parameter/boolean
+++ b/type/__coturn/parameter/boolean
@ -1,4 +1,5 @@
 use-auth-secret
 no-tcp-relay
+no-udp-relay
 no-tls
 no-dtls
--- a/type/__coturn/parameter/default/max-port
+++ b/type/__coturn/parameter/default/max-port
@ -0,0 +1 @@
+65535
--- a/type/__coturn/parameter/default/min-port
+++ b/type/__coturn/parameter/default/min-port
@ -0,0 +1 @@
+49152
--- a/type/__coturn/parameter/optional
+++ b/type/__coturn/parameter/optional
@ -2,3 +2,6 @@ static-auth-secret
 realm
 cert
 pkey
+min-port
+max-port
+extra-config