b3e62126db
Switching from from avhost/docker-matrix (silviof/docker-matrix) to matrixdotorg/synapse. The avhost/docker-matrix (silviof/docker-matrix) image used to bundle in the coturn STUN/TURN server, so as part of the move, we're separating this to a separately-ran service (matrix-coturn.service, powered by instrumentisto/coturn-docker-image)
42 lines
1.2 KiB
YAML
42 lines
1.2 KiB
YAML
---
|
|
|
|
- name: Fail if Coturn secret is missing
|
|
fail:
|
|
msg: "You need to set a secret in the matrix_coturn_turn_static_auth_secret variable"
|
|
when: "matrix_coturn_turn_static_auth_secret == ''"
|
|
|
|
- name: Ensure Coturn image is pulled
|
|
docker_image:
|
|
name: "{{ docker_coturn_image }}"
|
|
|
|
- name: Ensure Coturn configuration path exists
|
|
file:
|
|
path: "{{ matrix_coturn_base_path }}"
|
|
state: directory
|
|
mode: 0750
|
|
owner: "{{ matrix_user_username }}"
|
|
group: "{{ matrix_user_username }}"
|
|
|
|
- name: Ensure turnserver.conf installed
|
|
template:
|
|
src: "{{ role_path }}/templates/coturn/turnserver.conf.j2"
|
|
dest: "{{ matrix_coturn_config_path }}"
|
|
mode: 0644
|
|
|
|
- name: Ensure matrix-coturn.service installed
|
|
template:
|
|
src: "{{ role_path }}/templates/systemd/matrix-coturn.service.j2"
|
|
dest: "/etc/systemd/system/matrix-coturn.service"
|
|
mode: 0644
|
|
|
|
- name: Allow access to Coturn ports in firewalld
|
|
firewalld:
|
|
port: "{{ item }}"
|
|
state: enabled
|
|
immediate: yes
|
|
permanent: yes
|
|
with_items:
|
|
- '3478/tcp' # STUN
|
|
- '3478/udp' # STUN
|
|
- "{{ matrix_coturn_turn_udp_min_port }}-{{ matrix_coturn_turn_udp_max_port }}/udp" # TURN
|
|
when: ansible_os_family == 'RedHat' |