summaryrefslogtreecommitdiff
path: root/hosts/chaski/services/coturn.nix
diff options
context:
space:
mode:
Diffstat (limited to 'hosts/chaski/services/coturn.nix')
-rw-r--r--hosts/chaski/services/coturn.nix54
1 files changed, 0 insertions, 54 deletions
diff --git a/hosts/chaski/services/coturn.nix b/hosts/chaski/services/coturn.nix
deleted file mode 100644
index 54ec6d6..0000000
--- a/hosts/chaski/services/coturn.nix
+++ /dev/null
@@ -1,54 +0,0 @@
-{pkgs, config, ...}:
-
-{
- services.coturn = {
- enable = true;
- realm = "chaski.stuebinm.eu";
- no-cli = true;
- lt-cred-mech = true;
- extraConfig = ''
- verbose
- fingerprint
- external-ip=95.217.159.23
- user=chaski:chaski
- server-name=chaski.stuebinm.eu
- #mobility
- #listening-ip=95.217.159.23
- prometheus
- '';
-
- cert = config.security.acme.certs."chaski.stuebinm.eu".directory + "full.pem";
- pkey = config.security.acme.certs."chaski.stuebinm.eu".directory + "key.pem";
- };
-
- security.acme = {
- email = "stuebinm@disroot.org";
- acceptTerms = true;
- };
-
- # just here to serve acme challanges
- services.nginx = {
- enable = true;
- user = "turnserver";
- virtualHosts."chaski.stuebinm.eu" = {
- root = "/var/www";
- enableACME = true;
- };
- };
-
- networking.firewall = with config.services.coturn; {
- allowedTCPPorts = [
- 80 # for acme challanges
- listening-port tls-listening-port
- (listening-port +1) (tls-listening-port +1)
- ];
- allowedUDPPorts = [
- listening-port
- tls-listening-port
- (listening-port +1) (tls-listening-port +1)
- ];
- allowedUDPPortRanges = [
- { from = min-port; to = max-port; }
- ];
- };
-}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-09 11:51:48 +0000