author | Matthew Fennell <matthew@fennell.dev> | 2025-07-06 19:57:44 +0100 |
---|---|---|
committer | Matthew Fennell <matthew@fennell.dev> | 2025-07-06 19:57:44 +0100 |
commit | 9ad2f38d254b01611e874ac5aa8cddaf5aa28732 (patch) | |
tree | 3945f073109f8f055c1a944092590d408207bd73 | |
parent | de781b09a28202d61d6ad7b6269c589c51468f75 (diff) |
Share turnserver between vhosts on same machine
I made a mistake in the original configuration - I tried to give each
virtual host a separate turnserver on its own subdomain. However, since
koyo.haus and fennell.dev (and likewise in nonprod) share a virtual
machine, they can only have one turnserver between them (in the
turnserver.conf, there can only be a single realm).
Therefore, always point to koyo.haus for the turnserver in each
environment.
-rw-r--r-- | files/prosody.cfg.lua.j2 | 4 | ||||
-rw-r--r-- | files/turnserver.conf.j2 | 3 | ||||
-rw-r--r-- | files/virtual_host.cfg.lua.j2 | 4 | ||||
-rw-r--r-- | playbook.yaml | 4 |
4 files changed, 6 insertions, 9 deletions
diff --git a/files/prosody.cfg.lua.j2 b/files/prosody.cfg.lua.j2
index d56381c..0bcf6ba 100644
--- a/files/prosody.cfg.lua.j2
+++ b/files/prosody.cfg.lua.j2
@@ -33,6 +33,7 @@ modules_enabled = {
 "stanza_debug";
 "time";
 "tls";
+ "turn_external";
 "uptime";
 "vcard4";
 "vcard_legacy";
@@ -61,6 +62,9 @@ c2s_direct_tls_ports = { 5223 }
 s2s_direct_tls_ports = { 5270 }
 use_dane = true
+turn_external_host = "{{ turn_server }}"
+turn_external_secret = "{{ turn_secret }}"
+
 -- From Monal considerations for XMPP server admins
 smacks_hibernation_time = 86400
diff --git a/files/turnserver.conf.j2 b/files/turnserver.conf.j2
index 05c956c..f90f0f0 100644
--- a/files/turnserver.conf.j2
+++ b/files/turnserver.conf.j2
@@ -6,6 +6,7 @@ syslog
 no-rfc5780
 no-stun-backward-compatibility
 response-origin-only-with-rfc5780
-realm=turn.{{ virtual_host }}
+realm={{ turn_server }}
 use-auth-secret
 static-auth-secret={{ turn_secret }}
+external-ip={{ ipv4 }}
diff --git a/files/virtual_host.cfg.lua.j2 b/files/virtual_host.cfg.lua.j2
index 2834474..4182a60 100644
--- a/files/virtual_host.cfg.lua.j2
+++ b/files/virtual_host.cfg.lua.j2
@@ -15,7 +15,6 @@ modules_enabled = {
 "invites_register";
 "register";
 "register_apps";
- "turn_external";
 }
 site_apps_show = {
@@ -34,9 +33,6 @@ contact_info = {
 admin = { "xmpp:admin@{{ virtual_host }}" };
 }
-turn_external_host = "turn.{{ virtual_host }}"
-turn_external_secret = "{{ turn_secret }}"
-
 allow_user_invites = true
 http_external_url = "https://{{ virtual_host }}/"
 site_name = "{{ virtual_host }}"
diff --git a/playbook.yaml b/playbook.yaml
index 467b1fa..3a3d0cd 100644
--- a/playbook.yaml
+++ b/playbook.yaml
@@ -122,10 +122,6 @@
 type: CNAME
 ttl: 3600
 records: ["{{ delegate_host }}."]
- - subname: "turn"
- type: CNAME
- ttl: 3600
- records: ["{{ delegate_host }}."]
 - subname: "upload"
 type: CNAME
 ttl: 3600
|
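Review bot: `turn_external_secret = "{{ turn_secret }}"` in the second prosody.cfg.lua.j2 hunk puts the shared TURN secret into the global config and interpolates it unescaped into a Lua string, so a secret containing `"` or `\` would break or alter the rendered file. Neither the generation of `turn_secret` nor the template task's file mode is visible in this diff, so confirm the secret is drawn from a quote-free alphabet (hex or base64url) and that the rendered prosody.cfg.lua is not world-readable. A comment above the two settings would help the next maintainer: `-- Must match static-auth-secret in turnserver.conf; one TURN server is shared by every vhost on this machine`. `turn_server` is not defined in any hunk shown here, so presumably it is set elsewhere in the playbook or inventory. The surrounding top-level settings continue outside the hunk.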
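Review bot: With `external-ip={{ ipv4 }}` added at the end of turnserver.conf.j2, the visible tail of the file has no `denied-peer-ip` ranges, so a client holding valid credentials could ask the relay to forward traffic to loopback or private addresses on this shared machine. Lines 1–5 of the file are outside the hunk, so this may already be handled there; if not, consider adding entries such as `denied-peer-ip=127.0.0.0-127.255.255.255` and `denied-peer-ip=10.0.0.0-10.255.255.255` together with `no-multicast-peers`. A short comment on the `external-ip` line saying whether the host sits behind NAT would also help, since only an IPv4 address is advertised. As in the prosody template, `static-auth-secret={{ turn_secret }}` is rendered in plaintext, so the file mode set by the template task (not visible here) should keep it readable only by the turnserver user.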