Place invites behind a flag

Invites are not needed on a single-user transport-only server. Therefore, place
this functionality behind a flag.

1 files changed, 20 insertions, 2 deletions

diff --git a/playbook.yaml b/playbook.yaml
index 4b0f4c7..4fb5ffa 100644
--- a/playbook.yaml
+++ b/playbook.yaml
@@ -202,7 +202,6 @@
    - name: Ensure required packages are installed
      ansible.builtin.apt:
       name:
-       - coturn  # Audio / video calling server
        - lua-dbi-postgresql  # Prosody postgres connection
        - postgresql  # Database
        - prosody  # XMPP server
@@ -225,6 +224,15 @@
      become: true
      when: not is_transport_server
 
+   - name: Ensure turn-specific packages are installed
+     ansible.builtin.apt:
+      name:
+       - coturn  # Audio / video calling server
+      state: present
+      update_cache: true
+     become: true
+     when: not is_transport_server
+
    - name: Ensure required ports with ufw applications are open
      community.general.ufw:
       rule: allow
@@ -232,7 +240,6 @@
       state: enabled
      loop:
       - OpenSSH
-      - Turnserver
       - XMPP
      become: true
 
@@ -246,6 +253,16 @@
      become: true
      when: not is_transport_server
 
+   - name: Ensure turn-specific ports with ufw applications are open
+     community.general.ufw:
+      rule: allow
+      name: "{{ item }}"
+      state: enabled
+     loop:
+      - Turnserver
+     become: true
+     when: not is_transport_server
+
    - name: Ensure other required tcp ports are open
      community.general.ufw:
       rule: allow
@@ -312,6 +329,7 @@
       mode: "0640"
      become: true
      notify: Restart coturn
+     when: not is_transport_server
 
    - name: Ensure prosody database is set up
      community.postgresql.postgresql_db: