[__coturn] Add support for common parameters and extra-config.

extra-config allows for any complex setup to be defined and managed by the type
user.
evilham 2020-05-15 22:12:52 +02:00
parent 45f601c911
commit 61bd5b5958
7 changed files with 80 additions and 20 deletions


@ -157,8 +157,8 @@ cat << EOF
# Lower and upper bounds of the UDP relay endpoints: # Lower and upper bounds of the UDP relay endpoints:
# (default values are 49152 and 65535) # (default values are 49152 and 65535)
# #
min-port=49152 min-port=$MIN_PORT
max-port=65535 max-port=$MAX_PORT
# Uncomment to run TURN server in 'normal' 'moderate' verbose mode. # Uncomment to run TURN server in 'normal' 'moderate' verbose mode.
# By default the verbose mode is off. # By default the verbose mode is off.
@ -437,7 +437,15 @@ cat << EOF
# Uncomment if no UDP relay endpoints are allowed. # Uncomment if no UDP relay endpoints are allowed.
# By default UDP relay endpoints are enabled (like in RFC 5766). # By default UDP relay endpoints are enabled (like in RFC 5766).
# #
#no-udp-relay EOF
if [ "$NO_UDP_RELAY" ]; then
echo 'no-udp-relay'
else
echo '#no-udp-relay'
fi
cat << EOF
# Uncomment if no TCP relay endpoints are allowed. # Uncomment if no TCP relay endpoints are allowed.
# By default TCP relay endpoints are enabled (like in RFC 6062). # By default TCP relay endpoints are enabled (like in RFC 6062).
@ -445,7 +453,7 @@ cat << EOF
EOF EOF
if [ "$NO_TCP_RELAY" ]; then if [ "$NO_TCP_RELAY" ]; then
echo 'no-tcp-releay' echo 'no-tcp-relay'
else else
echo '#no-tcp-relay' echo '#no-tcp-relay'
fi fi
@ -781,3 +789,10 @@ cat << EOF
#no-tlsv1_1 #no-tlsv1_1
#no-tlsv1_2 #no-tlsv1_2
EOF EOF
if [ -n "$EXTRA_CONFIG" ]; then
cat <<EOF
# Extra configuration (overrides any previous settings)
$EXTRA_CONFIG
EOF
fi
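Review bot: The comment written into the deployed file, `# Extra configuration (overrides any previous settings)`, promises more than appending text can guarantee. Which line wins is decided by coturn per option, and list-style options such as the allowed/denied peer entries presumably accumulate rather than replace, so an operator could believe an earlier peer rule was superseded when it is still in effect. I would reword it to `# Extra configuration, appended verbatim and not validated by this type`. Separately, `min-port=$MIN_PORT` and `max-port=$MAX_PORT` in the first hunk are emitted without a numeric or min<=max check, so a typo only surfaces when turnserver starts.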


@ -8,8 +8,7 @@ cdist-type__coturn - Install and configure a coturn TURN server
DESCRIPTION DESCRIPTION
----------- -----------
This (singleton) type install and configure a coturn TURN This (singleton) type installs and configures a coturn TURN server.
server.
REQUIRED PARAMETERS REQUIRED PARAMETERS
@ -20,36 +19,54 @@ None.
OPTIONAL PARAMETERS OPTIONAL PARAMETERS
------------------- -------------------
static_auth_secret static_auth_secret
Secret used to access the TURN REST API. Secret used to access the TURN REST API.
realm realm
Defailt realm. Default realm.
allowed-peer allowed-peer
Allow specific ip addresses or ranges of ip addresses. Can be specified multiple times. Allow specific IP addresses or ranges of IP addresses. Can be specified multiple times.
denied-peer denied-peer
Ban specific ip addresses or ranges of ip addresses. Can be specified multiple times. Ban specific IP addresses or ranges of IP addresses. Can be specified multiple times.
cert cert
Path to certificate file. Absolute or relative Path to certificate file. Absolute or relative. Use PEM file format.
pkey pkey
Patch to privaty key file. Use PEM file format. Patch to private key file. Use PEM file format.
min-port
Lower bound of the UDP port range for relay endpoints allocation.
Default value is 49152, according to RFC 5766.
max-port
Upper bound of the UDP port range for relay endpoints allocation.
Default value is 65535, according to RFC 5766.
extra-config
This will be appended verbatim to the end of `coturn.conf`, use this for more
complex setups where the parameters exposed by this type are not enough.
If its value is `-`, stdin will be used.
BOOLEAN PARAMETERS BOOLEAN PARAMETERS
------------------ ------------------
use-auth-secret use-auth-secret
Allows TURN credentials to be accounted for a specific user id. Allows TURN credentials to be accounted for a specific user id.
no-tcp-relay no-tcp-relay
Disable TCP relay endpoints. Disable TCP relay endpoints.
no-udp-relay
Disable UDP relay endpoints.
no-tls no-tls
Disable TLS listener. Disable TLS listener.
no-dtls no-dtls
Disable DTLS listener. Disable DTLS listener.
EXAMPLES EXAMPLES
-------- --------
@ -60,6 +77,15 @@ EXAMPLES
--realm turn.domain.tld \ --realm turn.domain.tld \
--no_tcp_relay --no_tcp_relay
__coturn \
--realm turn.domain.tld \
--extra-config '-' <<EOF
# Debug logging
Verbose
# Use a redis database
redis-userdb="ip=[::1] dbname=coturn password=secret port=6379 connect_timeout=2"
EOF
SEE ALSO SEE ALSO
-------- --------


@ -59,6 +59,10 @@ if [ -f "$__object/parameter/no-tcp-relay" ]; then
export NO_TCP_RELAY=1 export NO_TCP_RELAY=1
fi fi
if [ -f "$__object/parameter/no-udp-relay" ]; then
export NO_UDP_RELAY=1
fi
if [ -f "$__object/parameter/allowed-peer" ]; then if [ -f "$__object/parameter/allowed-peer" ]; then
ALLOWED_PEERS=$(cat "$__object/parameter/allowed-peer") ALLOWED_PEERS=$(cat "$__object/parameter/allowed-peer")
export ALLOWED_PEERS export ALLOWED_PEERS
@ -84,13 +88,22 @@ if [ -f "$__object/parameter/pkey" ]; then
export PKEY export PKEY
fi fi
if [ -f "$__object/parameter/extra-config" ]; then
EXTRA_CONFIG=$(cat $__object/parameter/extra-config)
if [ "$EXTRA_CONFIG" = "-" ]; then
EXTRA_CONFIG=$(cat "$__object/stdin")
fi
export EXTRA_CONFIG
fi
export MIN_PORT=$(cat "$__object/parameter/min-port")
export MAX_PORT=$(cat "$__object/parameter/max-port")
# Generate and deploy configuration file. # Generate and deploy configuration file.
mkdir -p "$__object/files" mkdir -p "$__object/files"
"$__type/files/turnserver.conf.sh" > "$__object/files/turnserver.conf" "$__type/files/turnserver.conf.sh" > "$__object/files/turnserver.conf"
require="__package/coturn" __file $coturn_config \ require="__package/coturn" __file $coturn_config \
--source "$__object/files/turnserver.conf" \ --source "$__object/files/turnserver.conf" \
--owner turnserver --owner turnserver \
--onchange 'service coturn restart'
# Restart coturn server.
require="__file/$coturn_config" __service coturn --action restart
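Review bot: The rendered turnserver.conf carries the static auth secret and now also any credentials passed through extra-config (the man page example puts a redis password there), yet the `__file` call sets only `--owner turnserver` and no mode. Unless the default already yields an owner-only file, which is worth confirming, add `--mode 0600` next to `--owner`. In the same hunk `EXTRA_CONFIG=$(cat $__object/parameter/extra-config)` leaves `$__object` unquoted, unlike every neighbouring line; write `"$__object/parameter/extra-config"`. `export MIN_PORT=$(cat …)` and the matching MAX_PORT line hide a failing `cat` behind the exit status of `export`; assign first and export on a second line, as is done for ALLOWED_PEERS above.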


@ -1,4 +1,5 @@
use-auth-secret use-auth-secret
no-tcp-relay no-tcp-relay
no-udp-relay
no-tls no-tls
no-dtls no-dtls


@ -0,0 +1 @@
65535


@ -0,0 +1 @@
49152

View file

@ -2,3 +2,6 @@ static-auth-secret
realm realm
cert cert
pkey pkey
min-port
max-port
extra-config