aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorstuebinm2021-03-14 17:46:18 +0100
committerstuebinm2021-03-14 17:46:34 +0100
commit0d5adebcf26fbdc1f4d96861cf76d20b2ac42f0b (patch)
treed8899de292f791322ed1bf7a67a31cdf4c24b64a
parent2cc766a3ce7daeac1088c3233ff7d37813aec0cb (diff)
Support for static turn secrets in the backend.
Note that this has not been tested in the wild yet; it just does what the comments in the default docker-compose.yml by thecodingmachine suggests it should do to enable using the rest api of coturn.
-rw-r--r--default.nix1
-rw-r--r--instance-options.nix7
2 files changed, 7 insertions, 1 deletions
diff --git a/default.nix b/default.nix
index c972d40..d620da9 100644
--- a/default.nix
+++ b/default.nix
@@ -51,6 +51,7 @@ let
environment = {
HTTP_PORT = toString instanceConfig.backend.httpPort;
GRPC_PORT = toString instanceConfig.backend.grpcPort;
+ TURN_STATIC_AUTH_SECRET = instanceConfig.commonConfig.webrtc.turn.staticSecret;
} // envCommonConfig instanceConfig;
serviceConfig = {
User = "workadventure-backend";
diff --git a/instance-options.nix b/instance-options.nix
index c01932e..8df507d 100644
--- a/instance-options.nix
+++ b/instance-options.nix
@@ -167,7 +167,12 @@ with pkgs;
};
password = mkOption {
default = "workadventure";
- description = "Password for TURN authentication";
+ description = "Password for TURN authentication (will be served to clients!)";
+ type = types.str;
+ };
+ staticSecret = mkOption {
+ default = "";
+ description = "Static Secret for the coturn rest API (not served to clients)";
type = types.str;
};
};