From c686f233201cd2d5d60ebc4b9127d1bc2389dcc3 Mon Sep 17 00:00:00 2001
From: Matthew Fennell <matthew@fennell.dev>
Date: Sun, 21 Sep 2025 13:01:12 +0100
Subject: Place invites behind a flag

Invites are not needed on a single-user transport-only server. Therefore, place
this functionality behind a flag.
---
 playbook.yaml | 22 ++++++++++++++++++++--
 1 file changed, 20 insertions(+), 2 deletions(-)

(limited to 'playbook.yaml')

diff --git a/playbook.yaml b/playbook.yaml
index 4b0f4c7..4fb5ffa 100644
--- a/playbook.yaml
+++ b/playbook.yaml
@@ -202,7 +202,6 @@
    - name: Ensure required packages are installed
      ansible.builtin.apt:
       name:
-       - coturn  # Audio / video calling server
        - lua-dbi-postgresql  # Prosody postgres connection
        - postgresql  # Database
        - prosody  # XMPP server
@@ -225,6 +224,15 @@
      become: true
      when: not is_transport_server
 
+   - name: Ensure turn-specific packages are installed
+     ansible.builtin.apt:
+      name:
+       - coturn  # Audio / video calling server
+      state: present
+      update_cache: true
+     become: true
+     when: not is_transport_server
+
    - name: Ensure required ports with ufw applications are open
      community.general.ufw:
       rule: allow
@@ -232,7 +240,6 @@
       state: enabled
      loop:
       - OpenSSH
-      - Turnserver
       - XMPP
      become: true
 
@@ -246,6 +253,16 @@
      become: true
      when: not is_transport_server
 
+   - name: Ensure turn-specific ports with ufw applications are open
+     community.general.ufw:
+      rule: allow
+      name: "{{ item }}"
+      state: enabled
+     loop:
+      - Turnserver
+     become: true
+     when: not is_transport_server
+
    - name: Ensure other required tcp ports are open
      community.general.ufw:
       rule: allow
@@ -312,6 +329,7 @@
       mode: "0640"
      become: true
      notify: Restart coturn
+     when: not is_transport_server
 
    - name: Ensure prosody database is set up
      community.postgresql.postgresql_db:
-- 
cgit v1.2.3