add coturn to firewall

Motiejus Jakštys 2023-03-01 13:06:53 +02:00
parent f537b43a0d
commit 5f1f3e1bfc


@ -344,6 +344,8 @@ in {
coturn = { coturn = {
enable = true; enable = true;
static-auth-secret-file = "\${CREDENTIALS_DIRECTORY}/static-auth-secret"; static-auth-secret-file = "\${CREDENTIALS_DIRECTORY}/static-auth-secret";
min-port = 49152;
max-port = 49999;
cert = "/run/coturn/tls-cert.pem"; cert = "/run/coturn/tls-cert.pem";
pkey = "/run/coturn/tls-key.pem"; pkey = "/run/coturn/tls-key.pem";
}; };
@ -393,8 +395,9 @@ in {
hostName = "hel1-a"; hostName = "hel1-a";
domain = "jakstys.lt"; domain = "jakstys.lt";
firewall = { firewall = {
allowedTCPPorts = [ 80 443 ]; allowedTCPPorts = [ 80 443 3478 5349 ];
allowedUDPPorts = [ 443 ]; allowedUDPPorts = [ 443 ];
allowedUDPPortRanges = [ { from = 49152; to = 49999; } ]; # coturn
checkReversePath = "loose"; # tailscale insists on this checkReversePath = "loose"; # tailscale insists on this
}; };
}; };
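Review bot: The `coturn` block in the first hunk sets no peer restrictions, yet this commit exposes the relay to the internet through the new `allowedTCPPorts` entries and `allowedUDPPortRanges`. A client holding valid TURN credentials could then ask the relay to forward traffic to private or tailnet addresses this host can reach. I would add an `extraConfig` to that block with `no-multicast-peers` and `denied-peer-ip=` lines covering the RFC 1918 ranges and `100.64.0.0-100.127.255.255`, unless another module already sets them. Separately, 3478 and 5349 are opened for TCP only, so if UDP TURN/STUN is intended (no `no-udp` is visible), the UDP line probably wants to be `allowedUDPPorts = [ 443 3478 5349 ];`. A short comment on the port lists saying which entries belong to coturn would also keep `min-port`/`max-port` and the firewall range in step.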