# NixOS module fragment: everything under `config` applies only when the host
# name is "eldiron" (lib.mkIf). This listing is an excerpt with gutter numbers;
# source lines absent from it (list terminators, blank lines) are not shown.
1 { config, name, lib, ... }:
3 config = lib.mkIf (name == "eldiron") {
# TCP: open the four coturn listener ports (primary/alternate, plain/TLS).
# The values are read from the coturn options rather than hard-coded, so the
# firewall follows whatever the service is configured to listen on.
4 networking.firewall.allowedTCPPorts = [
5 config.services.coturn.alt-listening-port
6 config.services.coturn.alt-tls-listening-port
7 config.services.coturn.listening-port
8 config.services.coturn.tls-listening-port
# TCP relay range: opens every port from min-port to max-port.
# NOTE(review): min-port/max-port are not set in the visible lines; if they are
# left at the module defaults this is a large block of high ports. Confirm the
# range is sized to the expected number of concurrent relays.
# NOTE(review): the TCP range is only needed when TCP relaying is in use;
# confirm, and drop it (with services.coturn.no-tcp-relay) if it is not.
10 networking.firewall.allowedTCPPortRanges = [
11 { from = config.services.coturn.min-port; to = config.services.coturn.max-port; }
# UDP relay range: same bounds as the TCP range above.
13 networking.firewall.allowedUDPPortRanges = [
14 { from = config.services.coturn.min-port; to = config.services.coturn.max-port; }
# UDP: the same four listener ports as the TCP list.
16 networking.firewall.allowedUDPPorts = [
17 config.services.coturn.alt-listening-port
18 config.services.coturn.alt-tls-listening-port
19 config.services.coturn.listening-port
20 config.services.coturn.tls-listening-port
# Disabled: would add the turnserver user to the "keys" group.
22 #users.users.turnserver.extraGroups = [ "keys" ];
# coturn shared-secret authentication for the realm below. The attribute set
# these settings belong to opens on a line not shown in this excerpt.
28 use-auth-secret = true;
30 realm = "eldiron.immae.eu";
# NOTE(review): the secret is passed as a plain Nix value, so it is presumably
# rendered into the generated turnserver configuration in the world-readable
# Nix store. Confirm this; services.coturn.static-auth-secret-file pointing at a
# file outside the store, readable only by the service user, avoids it.
38 static-auth-secret = config.myEnv.coturn.auth_access_key;
# Certificate and key paths are commented out, while the TLS listener ports are
# still opened in the firewall section of this file.
# NOTE(review): confirm TLS material is configured on lines not shown; otherwise
# the TLS ports are exposed without a certificate to serve.
39 #cert = "/var/lib/acme/eldiron/fullchain.pem";
40 #pkey = "/var/lib/acme/eldiron/key.pem";
# Tails of two list values (their attribute names are on lines not shown), each
# extended with the host's main IPv4 and IPv6 address lists from config.myEnv.
# NOTE(review): nothing visible here restricts which peer addresses the relay
# may reach. Check the lines not shown for denied-peer-ip entries covering
# loopback and private ranges, so the relay cannot be pointed at internal hosts.
44 ] ++ config.myEnv.servers.eldiron.ips.main.ip4
45 ++ config.myEnv.servers.eldiron.ips.main.ip6;
49 ] ++ config.myEnv.servers.eldiron.ips.main.ip4
50 ++ config.myEnv.servers.eldiron.ips.main.ip6;