From 6ac203ce2638bbcc2de3786b6924417de0250630 Mon Sep 17 00:00:00 2001
From: Nico Schottelius <nico@nico-notebook.schottelius.org>
Date: Mon, 6 Nov 2023 20:06:20 +0100
Subject: [PATCH] turn: change to individual roles

---
 ansible/inventory/runa.yml                       |  4 ++--
 .../files/{coturn => turn1}/docker-compose.yaml  |  0
 .../files/{coturn => turn1}/turnserver.conf      |  2 +-
 .../files/turn2/docker-compose.yaml              | 12 ++++++++++++
 .../docker-compose/files/turn2/turnserver.conf   | 16 ++++++++++++++++
 5 files changed, 31 insertions(+), 3 deletions(-)
 rename ansible/roles/docker-compose/files/{coturn => turn1}/docker-compose.yaml (100%)
 rename ansible/roles/docker-compose/files/{coturn => turn1}/turnserver.conf (91%)
 create mode 100644 ansible/roles/docker-compose/files/turn2/docker-compose.yaml
 create mode 100644 ansible/roles/docker-compose/files/turn2/turnserver.conf

diff --git a/ansible/inventory/runa.yml b/ansible/inventory/runa.yml
index 4211399..225e7ff 100644
--- a/ansible/inventory/runa.yml
+++ b/ansible/inventory/runa.yml
@@ -14,10 +14,10 @@ runa:
       hosts:
         mtx-turn-1.ankr.corp-services.app:
           docker_compose:
-            - coturn
+            - turn1
         mtx-turn-2.ankr.corp-services.app:
           docker_compose:
-            - coturn
+            - turn2
     lat:
       hosts:
         mtx-elem-1.lat.internal.ru.com:
diff --git a/ansible/roles/docker-compose/files/coturn/docker-compose.yaml b/ansible/roles/docker-compose/files/turn1/docker-compose.yaml
similarity index 100%
rename from ansible/roles/docker-compose/files/coturn/docker-compose.yaml
rename to ansible/roles/docker-compose/files/turn1/docker-compose.yaml
diff --git a/ansible/roles/docker-compose/files/coturn/turnserver.conf b/ansible/roles/docker-compose/files/turn1/turnserver.conf
similarity index 91%
rename from ansible/roles/docker-compose/files/coturn/turnserver.conf
rename to ansible/roles/docker-compose/files/turn1/turnserver.conf
index 8402d78..3e03cd4 100644
--- a/ansible/roles/docker-compose/files/coturn/turnserver.conf
+++ b/ansible/roles/docker-compose/files/turn1/turnserver.conf
@@ -1,4 +1,4 @@
-realm=turn.corp-serv.net
+realm=turn-1.corp-serv.net
 no-tcp-relay
 listening-ip=0.0.0.0
 listening-port=3478
diff --git a/ansible/roles/docker-compose/files/turn2/docker-compose.yaml b/ansible/roles/docker-compose/files/turn2/docker-compose.yaml
new file mode 100644
index 0000000..e9f826c
--- /dev/null
+++ b/ansible/roles/docker-compose/files/turn2/docker-compose.yaml
@@ -0,0 +1,12 @@
+version: '3.8'
+services:
+  coturn:
+    image: coturn/coturn:latest
+    restart: unless-stopped
+    network_mode: "host"
+    volumes:
+      - ./turnserver.conf:/etc/turnserver.conf
+      - ./coturn/privkey.pem:/etc/ssl/private/privkey.pem:ro
+      - ./coturn/cert.pem:/etc/ssl/certs/cert.pem:ro
+      - ./nginx:/etc/nginx/conf.d
+      - /ssl:/ssl
diff --git a/ansible/roles/docker-compose/files/turn2/turnserver.conf b/ansible/roles/docker-compose/files/turn2/turnserver.conf
new file mode 100644
index 0000000..2700c98
--- /dev/null
+++ b/ansible/roles/docker-compose/files/turn2/turnserver.conf
@@ -0,0 +1,16 @@
+realm=turn-2.corp-serv.net
+no-tcp-relay
+listening-ip=0.0.0.0
+listening-port=3478
+min-port=49152
+max-port=65535
+
+log-file=stdout
+verbose
+pidfile=/var/tmp/turnserver.pid
+use-auth-secret
+static-auth-secret=ihaaCac6Oow3ohzuvequ6esoo9eegheex
+
+tls-listening-port=5349
+pkey=/ssl/certificate.keyplain
+cert=/ssl/chain.crt