37 lines
887 B
Nix
37 lines
887 B
Nix
{ config, ... }: {
|
|
sops.secrets = {
|
|
"dotspace/coturn/cert.pem" = {
|
|
owner = config.systemd.services.coturn.serviceConfig.User;
|
|
};
|
|
"dotspace/coturn/pkey.pem" = {
|
|
owner = config.systemd.services.coturn.serviceConfig.User;
|
|
};
|
|
"dotspace/coturn/static_auth_secret" = {
|
|
owner = config.systemd.services.coturn.serviceConfig.User;
|
|
};
|
|
};
|
|
|
|
# https://gist.github.com/maxidorius/2b0acc2e707ae9a2d6d0267026a1024f
|
|
services.coturn = {
|
|
enable = true;
|
|
|
|
# syslog
|
|
# verbose
|
|
|
|
lt-cred-mech = true;
|
|
use-auth-secret = true;
|
|
|
|
static-auth-secret-file = "/run/secrets/dotspace/coturn/static_auth_secret";
|
|
realm = "turn.mlaga97.space";
|
|
|
|
cert = "/run/secrets/dotspace/coturn/cert.pem";
|
|
pkey = "/run/secrets/dotspace/coturn/pkey.pem";
|
|
|
|
no-udp = true;
|
|
|
|
listening-ips = [
|
|
"68.183.54.8"
|
|
"10.86.84.1"
|
|
];
|
|
};
|
|
}
|