add ssl to turn server

2023-10-17 13:23:05 +02:00 · 2023-10-17 13:23:05 +02:00 · 782e5ada3c
commit 782e5ada3c
parent 54768ea037
2 changed files with 35 additions and 32 deletions
--- a/ansible/roles/docker-compose/files/coturn/docker-compose.yaml
+++ b/ansible/roles/docker-compose/files/coturn/docker-compose.yaml
@ -3,38 +3,41 @@ services:
  coturn:
    image: coturn/coturn:latest
    restart: unless-stopped
-#    environment:
-#      - HOSTNAME=${hostname}
-#      - LISTENPORT=${listenport}
-#      - TLSPORT=${tlsport}
-#      - MINPORT=${minport}
-#      - MAXPORT=${maxport}
-#      - AUTHSECRET=${authsecret}
-   ports:
-     # STUN/TURN
-     - "3478:3478"
-     - "3478:3478/udp"
-     - "3479:3479"
-     - "3479:3479/udp"
-     - "80:80"
-     - "80:80/udp"
-     ## STUN/TURN SSL
-     - "5349:5349"
-     - "5349:5349/udp"
-     - "5350:5350"
-     - "5350:5350/udp"
-     - "443:443"
-     - "443:443/udp"
-     - "49152-49252:49152-49252"
-     - "49152-49252:49152-49252/udp"
-     # Relay Ports
-     - "49152-65535:49152-65535"
-     - "49152-65535:49152-65535/udp"
+    network_mode: "host"
    volumes:
      - ./turnserver.conf:/etc/turnserver.conf
      - ./coturn/privkey.pem:/etc/ssl/private/privkey.pem:ro
      - ./coturn/cert.pem:/etc/ssl/certs/cert.pem:ro
-    network_mode: "host"
+      - ./nginx:/etc/nginx/conf.d
+      - /ssl:/ssl
+
+# #    environment:
+# #      - HOSTNAME=${hostname}
+# #      - LISTENPORT=${listenport}
+# #      - TLSPORT=${tlsport}
+# #      - MINPORT=${minport}
+# #      - MAXPORT=${maxport}
+# #      - AUTHSECRET=${authsecret}
+#    ports:
+#      # STUN/TURN
+#      - "3478:3478"
+#      - "3478:3478/udp"
+#      - "3479:3479"
+#      - "3479:3479/udp"
+#      - "80:80"
+#      - "80:80/udp"
+#      ## STUN/TURN SSL
+#      - "5349:5349"
+#      - "5349:5349/udp"
+#      - "5350:5350"
+#      - "5350:5350/udp"
+#      - "443:443"
+#      - "443:443/udp"
+#      - "49152-49252:49152-49252"
+#      - "49152-49252:49152-49252/udp"
+#      # Relay Ports
+#      - "49152-65535:49152-65535"
+#      - "49152-65535:49152-65535/udp"
 #    command: sh -c "/etc/turnserver.conf.sh"
 #    entrypoint: sh -c "docker-entrypoint.sh && /etc/turnserver.conf.sh && chmod -R 777 /etc/turnsever.conf"
 #    depends_on:
--- a/ansible/roles/docker-compose/files/coturn/turnserver.conf
+++ b/ansible/roles/docker-compose/files/coturn/turnserver.conf
@ -1,4 +1,4 @@
-realm=turn.corp-
+realm=turn.corp-serv.net
 no-tcp-relay
 listening-ip=0.0.0.0
 listening-port=3478
@ -11,6 +11,6 @@ pidfile=/var/tmp/turnserver.pid
 use-auth-secret
 static-auth-secret=ihaaCac6Oow3ohzuvequ6esoo9eegheex

-# tls-listening-port=5349
-# pkey=/etc/ssl/private/privkey.pem
-# cert=/etc/ssl/certs/cert.pem
+tls-listening-port=5349
+pkey=/ssl/certificate.keyplain
+cert=/ssl/chain.crt